Diffstat (limited to 'id.server/src')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/AuthenticationException.java31
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/BuildException.java34
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/MOAIDException.java159
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/ParseException.java34
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/ServiceException.java34
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java722
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java52
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java53
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java118
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/WrongParametersException.java21
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java56
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java114
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/Builder.java30
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java51
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java60
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java83
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java137
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java39
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java58
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java60
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java100
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java63
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java52
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java203
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java220
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java71
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java189
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java78
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java177
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java91
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java140
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/parser/ECDSAKeyValueConverter.java350
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java89
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java266
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java110
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java58
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java159
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java156
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java80
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java135
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java96
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java103
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java109
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java95
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java106
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java156
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/validator/ValidateException.java35
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java125
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java697
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/ConfigurationException.java31
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java114
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/ConnectionParameter.java106
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java375
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java93
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java145
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java183
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java193
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java314
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/data/Cookie.java119
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java114
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java111
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java59
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java91
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/iaik/config/LoggerConfigImpl.java51
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java65
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/iaik/config/RevocationConfigurationImpl.java35
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/iaik/config/ValidationConfigurationImpl.java51
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/iaik/pki/PKIProfileImpl.java166
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java119
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java46
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.java54
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java68
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java120
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java125
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java75
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java37
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java83
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java91
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.classbin3613 -> 0 bytes
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java481
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java55
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java143
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java145
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java100
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java80
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java35
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java537
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java213
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java58
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/util/Random.java22
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java160
-rw-r--r--id.server/src/test/MOAIDTestCase.java203
-rw-r--r--id.server/src/test/abnahme/A/Test100StartAuthentication.java171
-rw-r--r--id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java336
-rw-r--r--id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java597
-rw-r--r--id.server/src/test/abnahme/A/Test400GetAuthenticationData.java129
-rw-r--r--id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java305
-rw-r--r--id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java281
-rw-r--r--id.server/src/test/abnahme/A/Test700SelectBKU.java63
-rw-r--r--id.server/src/test/abnahme/AbnahmeTestCase.java163
-rw-r--r--id.server/src/test/abnahme/AllTests.java49
-rw-r--r--id.server/src/test/abnahme/C/Test100Konfiguration.java60
-rw-r--r--id.server/src/test/abnahme/P/Test100LoginParameterResolver.java146
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/AllTests.java41
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java35
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java50
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java47
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java33
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java46
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java58
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java73
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java29
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java51
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java52
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java93
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java38
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java166
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java29
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java137
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java67
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java55
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java91
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java112
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java127
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java31
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java462
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java32
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java19
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java180
-rw-r--r--id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java92
-rw-r--r--id.server/src/test/lasttest/Dispatcher.java64
-rw-r--r--id.server/src/test/lasttest/HostnameVerifierHack.java13
-rw-r--r--id.server/src/test/lasttest/LasttestClient.java218
-rw-r--r--id.server/src/test/lasttest/TestThread.java251
134 files changed, 0 insertions, 16813 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/AuthenticationException.java b/id.server/src/at/gv/egovernment/moa/id/AuthenticationException.java
deleted file mode 100644
index 96a5e0673..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/AuthenticationException.java
+++ /dev/null
@@ -1,31 +0,0 @@
-package at.gv.egovernment.moa.id;
-
-
-/**
- * Exception thrown during handling of AuthenticationSession
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationException extends MOAIDException {
-
- /**
- * Constructor for AuthenticationException.
- * @param messageId
- */
- public AuthenticationException(String messageId, Object[] parameters) {
- super(messageId, parameters, null);
- }
- /**
- * Constructor for AuthenticationException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public AuthenticationException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/BuildException.java b/id.server/src/at/gv/egovernment/moa/id/BuildException.java
deleted file mode 100644
index 785dce7a3..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/BuildException.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package at.gv.egovernment.moa.id;
-
-
-/**
- * Exception thrown while building an XML or HTML structure.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class BuildException extends MOAIDException {
-
- /**
- * Constructor for BuildException.
- * @param messageId
- * @param parameters
- */
- public BuildException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for BuildException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public BuildException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/MOAIDException.java b/id.server/src/at/gv/egovernment/moa/id/MOAIDException.java
deleted file mode 100644
index bce2c4778..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/MOAIDException.java
+++ /dev/null
@@ -1,159 +0,0 @@
-package at.gv.egovernment.moa.id;
-
-import java.io.PrintStream;
-import java.io.PrintWriter;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.w3c.dom.DOMImplementation;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Base class of technical MOA exceptions.
- *
- * Technical exceptions are exceptions that originate from system failure (e.g.,
- * a database connection fails, a component is not available, etc.)
- *
- * @author Patrick Peck, Ivancsics Paul
- * @version $Id$
- */
-public class MOAIDException extends Exception {
- /** message ID */
- private String messageId;
- /** wrapped exception */
- private Throwable wrapped;
-
- /**
- * Create a new <code>MOAIDException</code>.
- *
- * @param messageId The identifier of the message associated with this
- * exception.
- * @param parameters Additional message parameters.
- */
- public MOAIDException(String messageId, Object[] parameters) {
- super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
- this.messageId = messageId;
- }
-
- /**
- * Create a new <code>MOAIDException</code>.
- *
- * @param messageId The identifier of the message associated with this
- * <code>MOAIDException</code>.
- * @param parameters Additional message parameters.
- * @param wrapped The exception wrapped by this
- * <code>MOAIDException</code>.
- */
- public MOAIDException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
-
- super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
- this.messageId = messageId;
- this.wrapped = wrapped;
- }
-
- /**
- * Print a stack trace of this exception to <code>System.err</code>.
- *
- * @see java.lang.Throwable#printStackTrace()
- */
- public void printStackTrace() {
- printStackTrace(System.err);
- }
-
- /**
- * Print a stack trace of this exception, including the wrapped exception.
- *
- * @param s The stream to write the stack trace to.
- * @see java.lang.Throwable#printStackTrace(java.io.PrintStream)
- */
- public void printStackTrace(PrintStream s) {
- if (getWrapped() == null)
- super.printStackTrace(s);
- else {
- s.print("Root exception: ");
- getWrapped().printStackTrace(s);
- }
- }
-
- /**
- * Print a stack trace of this exception, including the wrapped exception.
- *
- * @param s The stream to write the stacktrace to.
- * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter)
- */
- public void printStackTrace(PrintWriter s) {
- if (getWrapped() == null)
- super.printStackTrace(s);
- else {
- s.print("Root exception: ");
- getWrapped().printStackTrace(s);
- }
- }
-
- /**
- * @return message ID
- */
- public String getMessageId() {
- return messageId;
- }
-
- /**
- * @return wrapped exception
- */
- public Throwable getWrapped() {
- return wrapped;
- }
-
- /**
- * Convert this <code>MOAIDException</code> to an <code>ErrorResponse</code>
- * element from the MOA namespace.
- *
- * @return An <code>ErrorResponse</code> element, containing the subelements
- * <code>ErrorCode</code> and <code>Info</code> required by the MOA schema.
- */
- public Element toErrorResponse() {
- DocumentBuilder builder;
- DOMImplementation impl;
- Document doc;
- Element errorResponse;
- Element errorCode;
- Element info;
-
- // create a new document
- try {
- builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
- impl = builder.getDOMImplementation();
- } catch (ParserConfigurationException e) {
- return null;
- }
-
- // build the ErrorResponse element
- doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null);
- errorResponse = doc.getDocumentElement();
-
- // add MOA namespace declaration
- errorResponse.setAttributeNS(
- Constants.XMLNS_NS_URI,
- "xmlns",
- Constants.MOA_NS_URI);
-
- // build the child elements
- errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode");
- errorCode.appendChild(doc.createTextNode(messageId));
- info = doc.createElementNS(Constants.MOA_NS_URI, "Info");
- info.appendChild(doc.createTextNode(toString()));
- errorResponse.appendChild(errorCode);
- errorResponse.appendChild(info);
- return errorResponse;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/ParseException.java b/id.server/src/at/gv/egovernment/moa/id/ParseException.java
deleted file mode 100644
index a5e0088d9..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/ParseException.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package at.gv.egovernment.moa.id;
-
-
-/**
- * Exception thrown while parsing an XML structure.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ParseException extends MOAIDException {
-
- /**
- * Constructor for ParseException.
- * @param messageId
- * @param parameters
- */
- public ParseException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for ParseException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public ParseException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/ServiceException.java b/id.server/src/at/gv/egovernment/moa/id/ServiceException.java
deleted file mode 100644
index 9e6ab2361..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/ServiceException.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package at.gv.egovernment.moa.id;
-
-
-/**
- * Exception thrown while calling the MOA-SPSS web service.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ServiceException extends MOAIDException {
-
- /**
- * Constructor for ServiceException.
- * @param messageId
- * @param parameters
- */
- public ServiceException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for ServiceException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public ServiceException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
deleted file mode 100644
index bc3e075be..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ /dev/null
@@ -1,722 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-import iaik.pki.PKIException;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.util.Calendar;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Set;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
-import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
-import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VPKBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * API for MOA ID Authentication Service.<br>
- * {@link AuthenticationSession} is stored in a session store and retrieved
- * by giving the session ID.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationServer implements MOAIDAuthConstants {
-
- /** single instance */
- private static AuthenticationServer instance;
- /** session data store (session ID -> AuthenticationSession) */
- private static Map sessionStore = new HashMap();
- /** authentication data store (assertion handle -> AuthenticationData) */
- private static Map authenticationDataStore = new HashMap();
- /**
- * time out in milliseconds used by {@link cleanup} for session store
- */
- private long sessionTimeOut = 10 * 60 * 1000; // default 10 minutes
- /**
- * time out in milliseconds used by {@link cleanup} for authentication data store
- */
- private long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes
-
- /**
- * Returns the single instance of <code>AuthenticationServer</code>.
- *
- * @return the single instance of <code>AuthenticationServer</code>
- */
- public static AuthenticationServer getInstance() {
- if (instance == null)
- instance = new AuthenticationServer();
- return instance;
- }
- /**
- * Constructor for AuthenticationServer.
- */
- public AuthenticationServer() {
- super();
- }
- /**
- * Processes request to select a BKU.
- * <br/>Processing depends on value of {@link AuthConfigurationProvider#getBKUSelectionType}.
- * <br/>For <code>bkuSelectionType==HTMLComplete</code>, a <code>returnURI</code> for the
- * "BKU Auswahl" service is returned.
- * <br/>For <code>bkuSelectionType==HTMLSelect</code>, an HTML form for BKU selection is returned.
- * @param authURL base URL of MOA-ID Auth component
- * @param target "Gesch&auml;ftsbereich"
- * @param oaURL online application URL requested
- * @param bkuSelectionTemplateURL template for BKU selection form to be used
- * in case of <code>HTMLSelect</code>; may be null
- * @param templateURL URL providing an HTML template for the HTML form to be used
- * for call <code>startAuthentication</code>
- * @return for <code>bkuSelectionType==HTMLComplete</code>, the <code>returnURI</code> for the
- * "BKU Auswahl" service;
- * for <code>bkuSelectionType==HTMLSelect</code>, an HTML form for BKU selection
- * @throws WrongParametersException upon missing parameters
- * @throws AuthenticationException when the configured BKU selection service cannot be reached,
- * and when the given bkuSelectionTemplateURL cannot be reached
- * @throws ConfigurationException on missing configuration data
- * @throws BuildException while building the HTML form
- */
- public String selectBKU(
- String authURL,
- String target,
- String oaURL,
- String bkuSelectionTemplateURL,
- String templateURL)
- throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException {
-
- //check if HTTP Connection may be allowed (through FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY)
- String boolStr = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter(
- AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY);
- if ((!authURL.startsWith("https:")) && (false == BoolUtils.valueOf(boolStr)))
- throw new AuthenticationException("auth.07", new Object[] { authURL + "*" });
- if (isEmpty(authURL))
- throw new WrongParametersException("StartAuthentication", "AuthURL");
- if (isEmpty(target))
- throw new WrongParametersException("StartAuthentication", PARAM_TARGET);
- if (isEmpty(oaURL))
- throw new WrongParametersException("StartAuthentication", PARAM_OA);
-
- ConnectionParameter bkuConnParam =
- AuthConfigurationProvider.getInstance().getBKUConnectionParameter();
- if (bkuConnParam == null)
- throw new ConfigurationException(
- "config.08",
- new Object[] { "BKUSelection/ConnectionParameter" });
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { oaURL });
- AuthenticationSession session = newSession();
- Logger.info("MOASession " + session.getSessionID() + " angelegt");
- session.setTarget(target);
- session.setOAURLRequested(oaURL);
- session.setPublicOAURLPrefix(oaParam.getPublicURLPrefix());
- session.setAuthURL(authURL);
- session.setTemplateURL(templateURL);
- String returnURL =
- new DataURLBuilder().buildDataURL(authURL, REQ_START_AUTHENTICATION, session.getSessionID());
- String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType();
- if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) {
- // bkuSelectionType==HTMLComplete
- String redirectURL = bkuConnParam.getUrl() + "?" + AuthServlet.PARAM_RETURN + "=" + returnURL;
- return redirectURL;
- } else {
- // bkuSelectionType==HTMLSelect
- String bkuSelectTag;
- try {
- bkuSelectTag = readBKUSelectTag(AuthConfigurationProvider.getInstance(), bkuConnParam);
- } catch (Throwable ex) {
- throw new AuthenticationException(
- "auth.03",
- new Object[] { bkuConnParam.getUrl(), ex.toString()},
- ex);
- }
- String bkuSelectionTemplate = null;
- if (bkuSelectionTemplateURL != null) {
- try {
- bkuSelectionTemplate = new String(FileUtils.readURL(bkuSelectionTemplateURL));
- } catch (IOException ex) {
- throw new AuthenticationException(
- "auth.03",
- new Object[] { bkuSelectionTemplateURL, ex.toString()},
- ex);
- }
- }
- String htmlForm =
- new SelectBKUFormBuilder().build(bkuSelectionTemplate, returnURL, bkuSelectTag);
- return htmlForm;
- }
- }
- /**
- * Method readBKUSelectTag.
- * @param conf the ConfigurationProvider
- * @param connParam the ConnectionParameter for that connection
- * @return String
- * @throws ConfigurationException on config-errors
- * @throws PKIException on PKI errors
- * @throws IOException on any data error
- * @throws GeneralSecurityException on security errors
- */
- private String readBKUSelectTag(ConfigurationProvider conf, ConnectionParameter connParam)
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
-
- if (connParam.isHTTPSURL())
- return new String(SSLUtils.readHttpsURL(conf, connParam));
- else
- return new String(FileUtils.readURL(connParam.getUrl()));
- }
- /**
- * Processes the beginning of an authentication session.
- * <ul>
- * <li>Starts an authentication session</li>
- * <li>Creates an <code>&lt;InfoboxReadRequest&gt;</code></li>
- * <li>Creates an HTML form for querying the identity link from the
- * security layer implementation.
- * <br>Form parameters include
- * <ul>
- * <li>the <code>&lt;InfoboxReadRequest&gt;</code></li>
- * <li>the data URL where the security layer implementation sends it response to</li>
- * </ul>
- * </ul>
- * @param authURL URL of the servlet to be used as data URL
- * @param target "Gesch&auml;ftsbereich" of the online application requested
- * @param oaURL online application URL requested
- * @param bkuURL URL of the "B&uuml;rgerkartenumgebung" to be used;
- * may be <code>null</code>; in this case, the default location will be used
- * @param templateURL URL providing an HTML template for the HTML form generated
- * @return HTML form
- * @throws AuthenticationException
- * @see GetIdentityLinkFormBuilder
- * @see InfoboxReadRequestBuilder
- */
- public String startAuthentication(
- String authURL,
- String target,
- String oaURL,
- String templateURL,
- String bkuURL,
- String sessionID)
- throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException {
-
- if (isEmpty(sessionID)) {
- if (isEmpty(authURL))
- throw new WrongParametersException("StartAuthentication", "AuthURL");
-
- //check if HTTP Connection may be allowed (through FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY)
- String boolStr =
- AuthConfigurationProvider.getInstance().getGenericConfigurationParameter(
- AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY);
- if ((!authURL.startsWith("https:")) && (false == BoolUtils.valueOf(boolStr)))
- throw new AuthenticationException("auth.07", new Object[] { authURL + "*" });
- if (isEmpty(target))
- throw new WrongParametersException("StartAuthentication", PARAM_TARGET);
- if (isEmpty(oaURL))
- throw new WrongParametersException("StartAuthentication", PARAM_OA);
- }
- AuthenticationSession session;
- if (sessionID != null)
- session = getSession(sessionID);
- else {
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { oaURL });
- session = newSession();
- Logger.info("MOASession " + session.getSessionID() + " angelegt");
- session.setTarget(target);
- session.setOAURLRequested(oaURL);
- session.setPublicOAURLPrefix(oaParam.getPublicURLPrefix());
- session.setAuthURL(authURL);
- session.setTemplateURL(templateURL);
- }
- String infoboxReadRequest = new InfoboxReadRequestBuilder().build();
- String dataURL =
- new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- REQ_VERIFY_IDENTITY_LINK,
- session.getSessionID());
- String template = null;
- if (session.getTemplateURL() != null) {
- try {
- template = new String(FileUtils.readURL(session.getTemplateURL()));
- } catch (IOException ex) {
- throw new AuthenticationException(
- "auth.03",
- new Object[] { session.getTemplateURL(), ex.toString()},
- ex);
- }
- }
- String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
- String certInfoDataURL =
- new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- REQ_START_AUTHENTICATION,
- session.getSessionID());
- String htmlForm =
- new GetIdentityLinkFormBuilder().build(
- template,
- bkuURL,
- infoboxReadRequest,
- dataURL,
- certInfoRequest,
- certInfoDataURL);
- return htmlForm;
- }
- /**
- * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
- * security layer implementation.<br>
- * <ul>
- * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
- * <li>Parses identity link enclosed in <code>&lt;InfoboxReadResponse&gt;</code></li>
- * <li>Verifies identity link by calling the MOA SP component</li>
- * <li>Checks certificate authority of identity link</li>
- * <li>Stores identity link in the session</li>
- * <li>Creates an authentication block to be signed by the user</li>
- * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
- * containg the authentication block, meant to be returned to the
- * security layer implementation</li>
- * </ul>
- *
- * @param sessionID ID of associated authentication session data
- * @param xmlInfoboxReadResponse String representation of the
- * <code>&lt;InfoboxReadResponse&gt;</code>
- * @return String representation of the <code>&lt;CreateXMLSignatureRequest&gt;</code>
- */
- public String verifyIdentityLink(String sessionID, String xmlInfoboxReadResponse)
- throws
- AuthenticationException,
- ParseException,
- ConfigurationException,
- ValidateException,
- ServiceException {
-
- if (isEmpty(sessionID))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID});
- if (isEmpty(xmlInfoboxReadResponse))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE});
- AuthenticationSession session = getSession(sessionID);
- if (session.getTimestampIdentityLink() != null)
- throw new AuthenticationException("auth.01", new Object[] { sessionID });
- session.setTimestampIdentityLink();
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
- // parses the <InfoboxReadResponse>
- IdentityLink identityLink =
- new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink();
- // validates the identity link
- IdentityLinkValidator.getInstance().validate(identityLink);
- // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
- Element domVerifyXMLSignatureRequest =
- new VerifyXMLSignatureRequestBuilder().build(
- identityLink,
- authConf.getMoaSpIdentityLinkTrustProfileID());
- // debug output
- if(null != domVerifyXMLSignatureRequest)
- debugOutputXMLFile("VerifyIdentityLinkRequest.xml", domVerifyXMLSignatureRequest);
- // invokes the call
- Element domVerifyXMLSignatureResponse =
- new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- // parses the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponse verifyXMLSignatureResponse =
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse).parseData();
- // debug output
- if(null != domVerifyXMLSignatureResponse)
- debugOutputXMLFile("VerifyIdentityLinkResponse.xml", domVerifyXMLSignatureResponse);
- // validates the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponseValidator.getInstance().validate(
- verifyXMLSignatureResponse,
- authConf.getIdentityLinkX509SubjectNames(),
- VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK);
-
- session.setIdentityLink(identityLink);
- // builds the AUTH-block
- String authBlock = buildAuthenticationBlock(session);
- session.setAuthBlock(authBlock);
- // builds the <CreateXMLSignatureRequest>
- String[] transformInfos = authConf.getTransformsInfos();
- String createXMLSignatureRequest =
- new CreateXMLSignatureRequestBuilder().build(authBlock, transformInfos);
- return createXMLSignatureRequest;
- }
- /**
- * Builds an authentication block <code>&lt;saml:Assertion&gt;</code> from given session data.
- * @param session authentication session
- * @return <code>&lt;saml:Assertion&gt;</code> as a String
- */
- private String buildAuthenticationBlock(AuthenticationSession session) {
- IdentityLink identityLink = session.getIdentityLink();
- String issuer = identityLink.getGivenName() + " " + identityLink.getFamilyName();
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance());
- String authURL = session.getAuthURL();
- String target = session.getTarget();
- String oaURL = session.getPublicOAURLPrefix();
- String authBlock =
- new AuthenticationBlockAssertionBuilder().build(issuer, issueInstant, authURL, target, oaURL);
- return authBlock;
- }
- /**
- * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
- * security layer implementation.<br>
- * <ul>
- * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
- * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error codes</li>
- * <li>Parses authentication block enclosed in
- * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
- * <li>Verifies authentication block by calling the MOA SP component</li>
- * <li>Creates authentication data</li>
- * <li>Creates a corresponding SAML artifact</li>
- * <li>Stores authentication data in the authentication data store
- * indexed by the SAML artifact</li>
- * <li>Deletes authentication session</li>
- * <li>Returns the SAML artifact, encoded BASE64</li>
- * </ul>
- *
- * @param sessionID session ID of the running authentication session
- * @param xmlCreateXMLSignatureReadResponse String representation of the
- * <code>&lt;CreateXMLSignatureResponse&gt;</code>
- * @return SAML artifact needed for retrieving authentication data, encoded BASE64
- */
- public String verifyAuthenticationBlock(
- String sessionID,
- String xmlCreateXMLSignatureReadResponse)
- throws
- AuthenticationException,
- BuildException,
- ParseException,
- ConfigurationException,
- ServiceException,
- ValidateException {
-
- if (isEmpty(sessionID))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
- if (isEmpty(xmlCreateXMLSignatureReadResponse))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
- AuthenticationSession session = getSession(sessionID);
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
- // parses <CreateXMLSignatureResponse>
- CreateXMLSignatureResponse csresp =
- new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureReadResponse).parseResponse();
- // validates <CreateXMLSignatureResponse>
- new CreateXMLSignatureResponseValidator().validate(
- csresp,
- session.getTarget(),
- session.getPublicOAURLPrefix());
- // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
- String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
- String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
- Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid);
- // debug output
- if(null != domVsreq)
- AuthenticationServer.debugOutputXMLFile("VerifyAuthenticationBlockRequest.xml", domVsreq);
- // invokes the call
- Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq);
- // parses the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData();
- // debug output
- if(null != domVsresp)
- AuthenticationServer.debugOutputXMLFile("VerifyAuthenticationBlockResponse.xml", domVsresp);
- // validates the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponseValidator.getInstance().validate(
- vsresp,
- null,
- VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK);
- // compares the public keys from the identityLink with the AuthBlock
- VerifyXMLSignatureResponseValidator.getInstance().validateCertificate(
- vsresp,
- session.getIdentityLink());
-
- // builds authentication data and stores it together with a SAML artifact
- AuthenticationData authData = buildAuthenticationData(session, vsresp);
- String samlArtifact =
- new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
- storeAuthenticationData(samlArtifact, authData);
- // invalidates the authentication session
- sessionStore.remove(sessionID);
- Logger.info(
- "Anmeldedaten zu MOASession " + sessionID + " angelegt, SAML Artifakt " + samlArtifact);
- return samlArtifact;
- }
- /**
- * Builds the AuthenticationData object together with the
- * corresponding <code>&lt;saml:Assertion&gt;</code>
- * @param session authentication session
- * @param verifyXMLSigResp VerifyXMLSignatureResponse from MOA-SP
- * @return AuthenticationData object
- * @throws ConfigurationException while accessing configuration data
- * @throws BuildException while building the <code>&lt;saml:Assertion&gt;</code>
- */
- private AuthenticationData buildAuthenticationData(
- AuthenticationSession session,
- VerifyXMLSignatureResponse verifyXMLSigResp)
- throws ConfigurationException, BuildException {
-
- IdentityLink identityLink = session.getIdentityLink();
- AuthenticationData authData = new AuthenticationData();
- authData.setMajorVersion(1);
- authData.setMinorVersion(0);
- authData.setAssertionID(Random.nextRandom());
- authData.setIssuer(session.getAuthURL());
- authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance()));
- String vpkBase64 =
- new VPKBuilder().buildVPK(
- identityLink.getIdentificationValue(),
- identityLink.getDateOfBirth(),
- session.getTarget());
- authData.setVPK(vpkBase64);
- authData.setGivenName(identityLink.getGivenName());
- authData.setFamilyName(identityLink.getFamilyName());
- authData.setDateOfBirth(identityLink.getDateOfBirth());
- authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate());
- authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
- authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode());
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
- session.getPublicOAURLPrefix());
- String prPerson = new PersonDataBuilder().build(identityLink, oaParam.getProvideZMRZahl());
-
- try {
- String ilAssertion =
- oaParam.getProvideIdentityLink()
- ? DOMUtils.serializeNode(identityLink.getSamlAssertion())
- : "";
- String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : "";
- String samlAssertion =
- new AuthenticationDataAssertionBuilder().build(authData, prPerson, authBlock, ilAssertion);
- authData.setSamlAssertion(samlAssertion);
- return authData;
- } catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] { "AuthenticationData", ex.toString()},
- ex);
- }
- }
- /**
- * Retrieves <code>AuthenticationData</code> indexed by the SAML artifact.
- * The <code>AuthenticationData</code> is deleted from the store upon end of this call.
- *
- * @return <code>AuthenticationData</code>
- */
- public AuthenticationData getAuthenticationData(String samlArtifact)
- throws AuthenticationException {
- String assertionHandle;
- try {
- assertionHandle = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
- } catch (ParseException ex) {
- throw new AuthenticationException("1205", new Object[] { samlArtifact, ex.toString()});
- }
- AuthenticationData authData = null;
- synchronized (authenticationDataStore) {
- authData = (AuthenticationData) authenticationDataStore.get(assertionHandle);
- if (authData == null) {
- Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
- throw new AuthenticationException("1206", new Object[] { samlArtifact });
- }
- authenticationDataStore.remove(assertionHandle);
- }
- long now = new Date().getTime();
- if (now - authData.getTimestamp().getTime() > authDataTimeOut)
- throw new AuthenticationException("1207", new Object[] { samlArtifact });
- Logger.debug("Assertion delivered for SAML Artifact: " + samlArtifact);
- return authData;
- }
- /**
- * Stores authentication data indexed by the assertion handle contained in the
- * given saml artifact.
- * @param samlArtifact SAML artifact
- * @param authData authentication data
- * @throws AuthenticationException when SAML artifact is invalid
- */
- private void storeAuthenticationData(String samlArtifact, AuthenticationData authData)
- throws AuthenticationException {
-
- try {
- SAMLArtifactParser parser = new SAMLArtifactParser(samlArtifact);
- // check type code 0x0001
- byte[] typeCode = parser.parseTypeCode();
- if (typeCode[0] != 0 || typeCode[1] != 1)
- throw new AuthenticationException("auth.06", new Object[] { samlArtifact });
- String assertionHandle = parser.parseAssertionHandle();
- synchronized (authenticationDataStore) {
- Logger.debug("Assertion stored for SAML Artifact: " + samlArtifact);
- authenticationDataStore.put(assertionHandle, authData);
- }
- } catch (AuthenticationException ex) {
- throw ex;
- } catch (Throwable ex) {
- throw new AuthenticationException("auth.06", new Object[] { samlArtifact });
- }
- }
- /**
- * Creates a new session and puts it into the session store.
- *
- * @param id Session ID
- * @return AuthenticationSession created
- * @exception AuthenticationException
- * thrown when an <code>AuthenticationSession</code> is running
- * already for the given session ID
- */
- private static AuthenticationSession newSession() throws AuthenticationException {
- String sessionID = Random.nextRandom();
- AuthenticationSession newSession = new AuthenticationSession(sessionID);
- synchronized (sessionStore) {
- AuthenticationSession session = (AuthenticationSession) sessionStore.get(sessionID);
- if (session != null)
- throw new AuthenticationException("auth.01", new Object[] { sessionID });
- sessionStore.put(sessionID, newSession);
- }
- return newSession;
- }
- /**
- * Retrieves a session from the session store.
- *
- * @param id session ID
- * @return <code>AuthenticationSession</code> stored with given session ID,
- * <code>null</code> if session ID unknown
- */
- public static AuthenticationSession getSession(String id) throws AuthenticationException {
- AuthenticationSession session = (AuthenticationSession) sessionStore.get(id);
- if (session == null)
- throw new AuthenticationException("auth.02", new Object[] { id });
- return session;
- }
- /**
- * Cleans up expired session and authentication data stores.
- */
- public void cleanup() {
- long now = new Date().getTime();
- synchronized (sessionStore) {
- Set keys = new HashSet(sessionStore.keySet());
- for (Iterator iter = keys.iterator(); iter.hasNext();) {
- String sessionID = (String) iter.next();
- AuthenticationSession session = (AuthenticationSession) sessionStore.get(sessionID);
- if (now - session.getTimestampStart().getTime() > sessionTimeOut) {
- Logger.info(
- MOAIDMessageProvider.getInstance().getMessage(
- "cleaner.02",
- new Object[] { sessionID }));
- sessionStore.remove(sessionID);
- }
- }
- }
- synchronized (authenticationDataStore) {
- Set keys = new HashSet(authenticationDataStore.keySet());
- for (Iterator iter = keys.iterator(); iter.hasNext();) {
- String samlArtifact = (String) iter.next();
- AuthenticationData authData =
- (AuthenticationData) authenticationDataStore.get(samlArtifact);
- if (now - authData.getTimestamp().getTime() > authDataTimeOut) {
- Logger.info(
- MOAIDMessageProvider.getInstance().getMessage(
- "cleaner.03",
- new Object[] { samlArtifact }));
- authenticationDataStore.remove(samlArtifact);
- }
- }
- }
- }
-
- /**
- * Sets the sessionTimeOut.
- * @param sessionTimeOut time out in seconds
- */
- public void setSecondsSessionTimeOut(long seconds) {
- sessionTimeOut = 1000 * seconds;
- }
- /**
- * Sets the authDataTimeOut.
- * @param authDataTimeOut time out in seconds
- */
- public void setSecondsAuthDataTimeOut(long seconds) {
- authDataTimeOut = 1000 * seconds;
- }
-
- /**
- * Checks a parameter.
- * @param param parameter
- * @return true if the parameter is null or empty
- */
- private boolean isEmpty(String param) {
- return param == null || param.length() == 0;
- }
-
- /**
- * Writes an XML structure to file for debugging purposes, encoding UTF-8.
- *
- * @param filename file name
- * @param rootElem root element in DOM tree
- */
- public static void debugOutputXMLFile(String filename, Element rootElem) {
- if (Logger.isDebugEnabled(DEBUG_OUTPUT_HIERARCHY)) {
- try {
- String xmlString = new String(DOMUtils.serializeNode(rootElem));
- debugOutputXMLFile(filename, xmlString);
- } catch (Exception ex) {
- ex.printStackTrace();
- }
- }
- }
- /**
- * Writes an XML structure to file for debugging purposes, encoding UTF-8.
- *
- * @param filename file name
- * @param xmlString XML string
- */
- public static void debugOutputXMLFile(String filename, String xmlString) {
- if (Logger.isDebugEnabled(DEBUG_OUTPUT_HIERARCHY)) {
- try {
- java.io.OutputStream fout = new java.io.FileOutputStream(filename);
- byte[] xmlData = xmlString.getBytes("UTF-8");
- fout.write(xmlData);
- fout.close();
- } catch (Exception ex) {
- ex.printStackTrace();
- }
- }
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java
deleted file mode 100644
index 7e5ed6ec7..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java
+++ /dev/null
@@ -1,52 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Thread cleaning the <code>AuthenticationServer</code> session store
- * and authentication data store from garbage.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationSessionCleaner implements Runnable {
-
- /** interval the <code>AuthenticationSessionCleaner</code> is run in */
- private static final long SESSION_CLEANUP_INTERVAL = 30 * 60; // 30 min
-
- /**
- * Runs the thread. Cleans the <code>AuthenticationServer</code> session store
- * and authentication data store from garbage, then sleeps for given interval, and restarts.
- */
- public void run() {
- while (true) {
- try {
- Logger.debug("AuthenticationSessionCleaner run");
- AuthenticationServer.getInstance().cleanup();
- }
- catch (Exception e) {
- Logger.error(MOAIDMessageProvider.getInstance().getMessage("cleaner.01", null), e);
- }
- try {
- Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000);
- }
- catch (InterruptedException e) {
- }
- }
- }
-
- /**
- * start the sessionCleaner
- */
- public static void start() {
- // start the session cleanup thread
- Thread sessionCleaner =
- new Thread(new AuthenticationSessionCleaner());
- sessionCleaner.setName("SessionCleaner");
- sessionCleaner.setDaemon(true);
- sessionCleaner.setPriority(Thread.MIN_PRIORITY);
- sessionCleaner.start();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
deleted file mode 100644
index ddba20049..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
+++ /dev/null
@@ -1,53 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-/**
- * Constants used throughout moa-id-auth component.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public interface MOAIDAuthConstants {
-
- /** servlet parameter &quot;Target&quot; */
- public static final String PARAM_TARGET = "Target";
- /** servlet parameter &quot;OA&quot; */
- public static final String PARAM_OA = "OA";
- /** servlet parameter &quot;bkuURI&quot; */
- public static final String PARAM_BKU = "bkuURI";
- /** servlet parameter &quot;BKUSelectionTemplate&quot; */
- public static final String PARAM_BKUTEMPLATE = "BKUSelectionTemplate";
- /** servlet parameter &quot;returnURI&quot; */
- public static final String PARAM_RETURN = "returnURI";
- /** servlet parameter &quot;Template&quot; */
- public static final String PARAM_TEMPLATE = "Template";
- /** servlet parameter &quot;MOASessionID&quot; */
- public static final String PARAM_SESSIONID = "MOASessionID";
- /** servlet parameter &quot;XMLResponse&quot; */
- public static final String PARAM_XMLRESPONSE = "XMLResponse";
- /** servlet parameter &quot;SAMLArtifact&quot; */
- public static final String PARAM_SAMLARTIFACT = "SAMLArtifact";
- /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet} is mapped to */
- public static final String REQ_START_AUTHENTICATION = "StartAuthentication";
- /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet} is mapped to */
- public static final String REQ_VERIFY_IDENTITY_LINK = "VerifyIdentityLink";
- /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet} is mapped to */
- public static final String REQ_VERIFY_AUTH_BLOCK = "VerifyAuthBlock";
- /** Logging hierarchy used for controlling debug output of XML structures to files */
- public static final String DEBUG_OUTPUT_HIERARCHY = "moa.id.auth";
- /** Header Name for controlling the caching mechanism of the browser */
- public static final String HEADER_EXPIRES = "Expires";
- /** Header Value for controlling the caching mechanism of the browser */
- public static final String HEADER_VALUE_EXPIRES = "Sat, 6 May 1995 12:00:00 GMT";
- /** Header Name for controlling the caching mechanism of the browser */
- public static final String HEADER_PRAGMA = "Pragma";
- /** Header Value for controlling the caching mechanism of the browser */
- public static final String HEADER_VALUE_PRAGMA = "no-cache";
- /** Header Name for controlling the caching mechanism of the browser */
- public static final String HEADER_CACHE_CONTROL = "Cache-control";
- /** Header Value for controlling the caching mechanism of the browser */
- public static final String HEADER_VALUE_CACHE_CONTROL = "no-store, no-cache, must-revalidate";
- /** Header Value for controlling the caching mechanism of the browser */
- public static final String HEADER_VALUE_CACHE_CONTROL_IE = "post-check=0, pre-check=0";
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
deleted file mode 100644
index f9bec8b76..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ /dev/null
@@ -1,118 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-import iaik.pki.PKIException;
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-import java.security.GeneralSecurityException;
-
-import java.io.IOException;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
-import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
-import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
-
-/**
- * Web application initializer
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDAuthInitializer {
-
- /** a boolean identifying if the MOAIDAuthInitializer has been startet */
- public static boolean initialized = false;
-
-
-
- /**
- * Initializes the web application components which need initialization:
- * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
- */
- public static void initialize()
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
- if (initialized)
- return;
- initialized=true;
- Logger.setHierarchy("moa.id.auth");
- // Restricts TLS cipher suites
- System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
- // load some jsse classes so that the integrity of the jars can be verified
- // before the iaik jce is installed as the security provider
- // this workaround is only needed when sun jsse is used in conjunction with
- // iaik-jce (on jdk1.3)
- ClassLoader cl = MOAIDAuthInitializer.class.getClassLoader();
- try {
- cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar
- }
- catch (ClassNotFoundException e) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e);
- }
-
- // Initializes SSLSocketFactory store
- SSLUtils.initialize();
-
- // Loads the configuration
- AuthConfigurationProvider authConf = AuthConfigurationProvider.reload();
- ConnectionParameter moaSPConnParam = authConf.getMoaSpConnectionParameter();
-
- // If MOA-SP API calls: loads MOA-SP configuration and configures IAIK
- if (moaSPConnParam == null) {
- try {
- LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext("startup"));
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- new IaikConfigurator().configure(config);
- }
- catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) {
- throw new ConfigurationException("config.10", new Object[] { ex.toString() }, ex);
- }
- }
-
- // Initializes IAIKX509TrustManager logging
- String log4jConfigURL = System.getProperty("log4j.configuration");
- if (log4jConfigURL != null) {
- IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
- }
-
- // Initializes the Axis secure socket factory for use in calling the MOA-SP web service
- if (moaSPConnParam != null && moaSPConnParam.isHTTPSURL()) {
- SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, moaSPConnParam);
- AxisSecureSocketFactory.initialize(ssf);
- }
-
- // sets the authentication session and authentication data time outs
- String param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY);
- if (param != null) {
- long sessionTimeOut = 0;
- try { sessionTimeOut = new Long(param).longValue(); }
- catch (NumberFormatException ex) {
- Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY}));
- }
- if (sessionTimeOut > 0)
- AuthenticationServer.getInstance().setSecondsSessionTimeOut(sessionTimeOut);
- }
- param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY);
- if (param != null) {
- long authDataTimeOut = 0;
- try { authDataTimeOut = new Long(param).longValue(); }
- catch (NumberFormatException ex) {
- Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY}));
- }
- if (authDataTimeOut > 0)
- AuthenticationServer.getInstance().setSecondsAuthDataTimeOut(authDataTimeOut);
- }
-
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/WrongParametersException.java b/id.server/src/at/gv/egovernment/moa/id/auth/WrongParametersException.java
deleted file mode 100644
index 3ce2798ea..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/WrongParametersException.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception thrown when the <code>AuthenticationServer</code> API is
- * called with wrong parameters provided.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class WrongParametersException extends MOAIDException {
-
- /**
- * Constructor
- */
- public WrongParametersException(String call, String parameter) {
- super("auth.05", new Object[] {call, parameter});
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
deleted file mode 100644
index 4babf948c..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ /dev/null
@@ -1,56 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the authentication block <code>&lt;saml:Assertion&gt;</code>
- * to be included in a <code>&lt;CreateXMLSignatureResponse&gt;</code>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationBlockAssertionBuilder implements Constants {
- /** private static String nl contains the NewLine representation in Java*/
- private static String nl = "\n";
- /** private static String AUTH_BLOCK contains an XML-Auth-Block-Template */
- private static String AUTH_BLOCK =
- "<saml:Assertion xmlns:saml=''" + SAML_NS_URI + "'' MajorVersion=''1'' MinorVersion=''0'' AssertionID=''any'' Issuer=''{0}'' IssueInstant=''{1}''>" + nl +
- " <saml:AttributeStatement>" + nl +
- " <saml:Subject>" + nl +
- " <saml:NameIdentifier>{2}</saml:NameIdentifier>" + nl +
- " </saml:Subject>" + nl +
- " <saml:Attribute AttributeName=''Geschäftsbereich'' AttributeNamespace=''" + MOA_NS_URI + "''>" + nl +
- " <saml:AttributeValue>{3}</saml:AttributeValue>" + nl +
- " </saml:Attribute>" + nl +
- " <saml:Attribute AttributeName=''OA'' AttributeNamespace=''" + MOA_NS_URI + "''>" + nl +
- " <saml:AttributeValue>{4}</saml:AttributeValue>" + nl +
- " </saml:Attribute>" + nl +
- " </saml:AttributeStatement>" + nl +
- "</saml:Assertion>";
-
- /**
- * Constructor for AuthenticationBlockAssertionBuilder.
- */
- public AuthenticationBlockAssertionBuilder() {
- super();
- }
- /**
- * Builds the authentication block <code>&lt;saml:Assertion&gt;</code>.
- *
- * @param issuer authentication block issuer; <code>"GivenName FamilyName"</code>
- * @param issueInstant current timestamp
- * @param authURL URL of MOA-ID authentication component
- * @param target "Gesch&auml;ftsbereich"
- * @param oaURL public URL of online application requested
- * @return String representation of authentication block
- * <code>&lt;saml:Assertion&gt;</code> built
- */
- public String build(String issuer, String issueInstant, String authURL, String target, String oaURL) {
- String assertion = MessageFormat.format(
- AUTH_BLOCK, new Object[] { issuer, issueInstant, authURL, target, oaURL });
- return assertion;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
deleted file mode 100644
index fd7cb1a9d..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ /dev/null
@@ -1,114 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the authentication data <code>&lt;saml:Assertion&gt;</code>
- * to be provided by the MOA ID Auth component.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationDataAssertionBuilder implements Constants {
- /** private static String NL contains the NewLine representation in Java*/
- private static final String NL = "\n";
- /**
- * XML template for the <code>&lt;saml:Assertion&gt;</code> to be built
- */
- private static final String AUTH_DATA =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + NL +
- "<saml:Assertion xmlns:saml=''" + SAML_NS_URI + "'' xmlns:pr=''" + PD_NS_URI + "'' xmlns:xsi=''" + XSI_NS_URI + "''" +
- " MajorVersion=''1'' MinorVersion=''0'' AssertionID=''{0}'' Issuer=''{1}'' IssueInstant=''{2}''>" + NL +
- " <saml:AttributeStatement>" + NL +
- " <saml:Subject>" + NL +
- " <saml:NameIdentifier NameQualifier=''http://reference.e-government.gv.at/names/vpk/20020221#''>{3}</saml:NameIdentifier>" + NL +
- " <saml:SubjectConfirmation>" + NL +
- " <saml:ConfirmationMethod>" + MOA_NS_URI + "cm</saml:ConfirmationMethod>" + NL +
- " <saml:SubjectConfirmationData>{4}{5}</saml:SubjectConfirmationData>" + NL +
- " </saml:SubjectConfirmation>" + NL +
- " </saml:Subject>" + NL +
- " <saml:Attribute AttributeName=''PersonData'' AttributeNamespace=''" + PD_NS_URI + "''>" + NL +
- " <saml:AttributeValue>{6}</saml:AttributeValue>" + NL +
- " </saml:Attribute>" + NL +
- " <saml:Attribute AttributeName=''isQualifiedCertificate'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL +
- " <saml:AttributeValue>{7}</saml:AttributeValue>" + NL +
- " </saml:Attribute>" + NL +
- "{8}" +
- " </saml:AttributeStatement>" + NL +
- "</saml:Assertion>";
- /**
- * XML template for the <code>&lt;saml:Attribute&gt;</code> named <code>"isPublicAuthority"</code>,
- * to be inserted into the <code>&lt;saml:Assertion&gt;</code>
- */
- private static final String PUBLIC_AUTHORITY_ATT =
- " <saml:Attribute AttributeName=''isPublicAuthority'' AttributeNamespace=''urn:oid:1.2.40.0.10.1.1.1''>" + NL +
- " <saml:AttributeValue>{0}</saml:AttributeValue>" + NL +
- " </saml:Attribute>" + NL;
-
- /**
- * Constructor for AuthenticationDataAssertionBuilder.
- */
- public AuthenticationDataAssertionBuilder() {
- super();
- }
-
- /**
- * Builds the authentication data <code>&lt;saml:Assertion&gt;</code>.
- *
- * @param authData the <code>AuthenticationData</code> to build the
- * <code>&lt;saml:Assertion&gt;</code> from
- * @param xmlPersonData <code>lt;pr:Person&gt;</code> element as a String
- * @param xmlAuthBlock authentication block to be included in a
- * <code>lt;saml:SubjectConfirmationData&gt;</code> element; may include
- * the <code>"ZMR-Zahl"</code> or not; may be empty
- * @param xmlIdentityLink the IdentityLink
- * @return the <code>&lt;saml:Assertion&gt;</code>
- * @throws BuildException if an error occurs during the build process
- */
- public String build(
- AuthenticationData authData,
- String xmlPersonData,
- String xmlAuthBlock,
- String xmlIdentityLink) throws BuildException {
-
- String isQualifiedCertificate = authData.isQualifiedCertificate() ? "true" : "false";
- String publicAuthorityAttribute = "";
- if (authData.isPublicAuthority()) {
- String publicAuthorityIdentification = authData.getPublicAuthorityCode();
- if (publicAuthorityIdentification == null)
- publicAuthorityIdentification = "True";
- publicAuthorityAttribute = MessageFormat.format(
- PUBLIC_AUTHORITY_ATT, new Object[] { publicAuthorityIdentification });
- }
-
- String assertion = MessageFormat.format(AUTH_DATA, new Object[] {
- authData.getAssertionID(),
- authData.getIssuer(),
- authData.getIssueInstant(),
- authData.getVPK(),
- removeXMLDeclaration(xmlAuthBlock),
- removeXMLDeclaration(xmlIdentityLink),
- removeXMLDeclaration(xmlPersonData),
- isQualifiedCertificate,
- publicAuthorityAttribute});
- return assertion;
- }
-
- /**
- * Removes the XML declaration from an XML expression.
- * @param xmlString XML expression as String
- * @return XML expression, XML declaration removed
- */
- private String removeXMLDeclaration(String xmlString) {
- if (xmlString.startsWith("<?xml")) {
- int firstElement = xmlString.indexOf("<", 1);
- return xmlString.substring(firstElement);
- }
- else return xmlString;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/Builder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/Builder.java
deleted file mode 100644
index e5bbaa585..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/Builder.java
+++ /dev/null
@@ -1,30 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.BuildException;
-
-/**
- * Base class for HTML/XML builders providing commonly useful functions.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class Builder {
-
- /**
- * Replaces a special tag in an XML or HTML template by a value.
- * @param htmlTemplate template
- * @param tag special tag
- * @param value value replacing the tag
- * @return XML or HTML code, the tag replaced
- * @throws BuildException when template does not contain the tag
- */
- protected String replaceTag(String template, String tag, String value) throws BuildException {
- int index = template.indexOf(tag);
- if (index < 0)
- throw new BuildException(
- "builder.01",
- new Object[] {"&lt;" + tag.substring(1, tag.length() - 1) + "&gt;"});
- return template.substring(0, index) + value + template.substring(index + tag.length());
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
deleted file mode 100644
index 5ceb1d1c0..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.IOException;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * Builder for the <code>&lt;VerifyXMLSignatureRequest&gt;</code> structure
- * used for presenting certificate information in the secure viewer of the security layer implementation.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class CertInfoVerifyXMLSignatureRequestBuilder extends Builder {
-
- /** special tag in the VerifyXMLRequest template to be substituted for a <code>&lt;dsig:Signature&gt;</code> */
- private static final String SIGNATURE_TAG = "<dsig:Signature/>";
-
- /**
- * Constructor
- */
- public CertInfoVerifyXMLSignatureRequestBuilder() {
- super();
- }
- /**
- * Builds the <code>&lt;VerifyXMLSignatureRequest&gt;</code> structure.
- * @return the XML structure
- * @throws BuildException
- */
- public String build() throws BuildException {
- String resCertInfoRequest = "resources/xmldata/CertInfoVerifyXMLSignatureRequest.xml";
- String resDsigSignature = "resources/xmldata/CertInfoDsigSignature.xml";
- String certInfoRequest;
- try {
- certInfoRequest = FileUtils.readResource(resCertInfoRequest, "UTF-8");
- }
- catch (IOException ex) {
- throw new BuildException("auth.04", new Object[] {resCertInfoRequest, ex.toString()});
- }
- try {
- String dsigSignature = FileUtils.readResource(resDsigSignature, "UTF-8");
- certInfoRequest = replaceTag(certInfoRequest, SIGNATURE_TAG, dsigSignature);
- return certInfoRequest;
- }
- catch (IOException ex) {
- throw new BuildException("auth.04", new Object[] {resDsigSignature, ex.toString()});
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
deleted file mode 100644
index f8c287cb6..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ /dev/null
@@ -1,60 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the <code>&lt;CreateXMLSignatureRequest&gt;</code> structure
- * used for requesting a signature under the authentication block from the
- * security layer implementation.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class CreateXMLSignatureRequestBuilder implements Constants {
- /** private static String nl contains the NewLine representation in Java*/
- private static final String nl = "\n";
- /**
- * XML template for the <code>&lt;moa:CreateXMLSignatureRequest&gt;</code> to be built
- */
- private static final String CREATE_XML_SIGNATURE_REQUEST =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + nl +
- "<sl11:CreateXMLSignatureRequest xmlns:dsig=''" + DSIG_NS_URI + "'' xmlns:sl10=''" + SL10_NS_URI + "'' xmlns:sl11=''" + SL11_NS_URI + "''>" + nl +
- " <sl11:KeyboxIdentifier>SecureSignatureKeypair</sl11:KeyboxIdentifier>" + nl +
- //TODO RS Lsg Switch SecureSignatureKeypair / CertifiedKeyPair
- //" <sl11:KeyboxIdentifier>CertifiedKeypair</sl11:KeyboxIdentifier>" + nl +
- " <sl11:DataObjectInfo Structure=''detached''>" + nl +
- " <sl10:DataObject Reference=''''/>" + nl +
- "{1}" +
- " </sl11:DataObjectInfo>" + nl +
- " <sl11:SignatureInfo>" + nl +
- " <sl11:SignatureEnvironment>" + nl +
- " <sl10:XMLContent>{0}</sl10:XMLContent>" + nl +
- " </sl11:SignatureEnvironment>" + nl +
- " <sl11:SignatureLocation Index=''2''>/saml:Assertion</sl11:SignatureLocation>" + nl +
- " </sl11:SignatureInfo>" + nl +
- "</sl11:CreateXMLSignatureRequest>";
-
- /**
- * Constructor for CreateXMLSignatureRequestBuilder.
- */
- public CreateXMLSignatureRequestBuilder() {
- super();
- }
-
- /**
- * Builds the <code>&lt;CreateXMLSignatureRequest&gt;</code>.
- *
- * @param authBlock String representation of XML authentication block
- * @return String representation of <code>&lt;CreateXMLSignatureRequest&gt;</code>
- */
- public String build(String authBlock, String[] dsigTransformInfos) {
- String dsigTransformInfosString = "";
- for (int i = 0; i < dsigTransformInfos.length; i++)
- dsigTransformInfosString += dsigTransformInfos[i];
- String request = MessageFormat.format(
- CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, dsigTransformInfosString });
- return request;
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
deleted file mode 100644
index 30cc1df5a..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
+++ /dev/null
@@ -1,83 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Builds a DataURL parameter meant for the security layer implementation
- * to respond to.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class DataURLBuilder {
-
- /**
- * Constructor for DataURLBuilder.
- */
- public DataURLBuilder() {
- super();
- }
-
- /**
- * Constructs a data URL for <code>VerifyIdentityLink</code> or <code>VerifyAuthenticationBlock</code>,
- * including the <code>MOASessionID</code> as a parameter.
- *
- * @param authBaseURL base URL (context path) of the MOA ID Authentication component,
- * including a trailing <code>'/'</code>
- * @param authServletName request part of the data URL
- * @param sessionID sessionID to be included in the dataURL
- * @return String
- */
- public String buildDataURL(String authBaseURL, String authServletName, String sessionID) {
-
- String individualDataURLPrefix = null;
- String dataURL;
- try {
- //check if an individual prefix is configured
- individualDataURLPrefix = AuthConfigurationProvider.getInstance().
- getGenericConfigurationParameter(AuthConfigurationProvider.INDIVIDUAL_DATA_URL_PREFIX);
-
- if (null != individualDataURLPrefix) {
-
- //check individualDataURLPrefix
- if(!individualDataURLPrefix.startsWith("http"))
- throw(new ConfigurationException("config.13", new Object[] { individualDataURLPrefix}));
-
- //when ok then use it
- dataURL = individualDataURLPrefix + authServletName;
- } else
- dataURL = authBaseURL + authServletName;
-
- } catch (ConfigurationException e) {
- Logger.warn(e);
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", new Object[] { authBaseURL } ));
- dataURL = authBaseURL + authServletName;
- }
-
- dataURL = addParameter(dataURL, AuthServlet.PARAM_SESSIONID, sessionID);
- return dataURL;
- }
-
- /**
- * Method addParameter.
- * @param urlString represents the url
- * @param paramname is the parameter to be added
- * @param value is the value of that parameter
- * @return String
- */
- private String addParameter(String urlString, String paramname, String value) {
- String url = urlString;
- if (paramname != null) {
- if (url.indexOf("?") < 0)
- url += "?";
- else
- url += "&";
- url += paramname + "=" + value;
- }
- return url;
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
deleted file mode 100644
index 8391fdd62..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ /dev/null
@@ -1,137 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.IOException;
-import java.io.StringReader;
-import java.io.StringWriter;
-
-import at.gv.egovernment.moa.id.BuildException;
-
-/**
- * Builder for HTML form requesting the security layer implementation
- * to get the identity link from smartcard by a <code>&lt;InfoboxReadRequest&gt;</code>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class GetIdentityLinkFormBuilder extends Builder {
- /** private static String NL contains the NewLine representation in Java*/
- private static final String nl = "\n";
- /** special tag in the HTML template to be substituted for the BKU URL */
- private static final String BKU_TAG = "<BKU>";
- /** special tag in the HTML template to be substituted for the XML request */
- private static final String XMLREQUEST_TAG = "<XMLRequest>";
- /** special tag in the HTML template to be substituted for the data URL */
- private static final String DATAURL_TAG = "<DataURL>";
- /** special tag in the HTML template to be substituted for certificate info XML request */
- private static final String CERTINFO_XMLREQUEST_TAG = "<CertInfoXMLRequest>";
- /** special tag in the HTML template to be substituted for the certificate info data URL */
- private static final String CERTINFO_DATAURL_TAG = "<CertInfoDataURL>";
-
- /** default BKU URL */
- private static final String DEFAULT_BKU = "http://localhost:3495/http-security-layer-request";
- /** default HTML template */
- private static final String DEFAULT_HTML_TEMPLATE =
- "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
- "<html>" + nl +
- "<head>" + nl +
- "<title>Auslesen der Personenbindung</title>" + nl +
- "</head>" + nl +
- "<body>" + nl +
- "<form name=\"GetIdentityLinkForm\"" + nl +
- " action=\"" + BKU_TAG + "\"" + nl +
- " method=\"post\">" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"XMLRequest\"" + nl +
- " value=\"" + XMLREQUEST_TAG + "\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"DataURL\"" + nl +
- " value=\"" + DATAURL_TAG + "\"/>" + nl +
- " <input type=\"submit\" value=\"Auslesen der Personenbindung\"/>" + nl +
- "</form>" + nl +
- "<form name=\"CertificateInfoForm\"" + nl +
- " action=\"" + BKU_TAG + "\"" + nl +
- " method=\"post\">" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"XMLRequest\"" + nl +
- " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"DataURL\"" + nl +
- " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + nl +
- " <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl +
- "</form>" + nl +
- "</body>" + nl +
- "</html>";
-
- /**
- * Constructor for GetIdentityLinkFormBuilder.
- */
- public GetIdentityLinkFormBuilder() {
- super();
- }
- /**
- * Builds the HTML form, including XML Request and data URL as parameters.
- *
- * @param htmlTemplate template to be used for the HTML form;
- * may be <code>null</code>, in this case a default layout will be produced
- * @param xmlRequest XML Request to be sent as a parameter in the form
- * @param bkuURL URL of the "B&uuml;rgerkartenumgebung" the form will be submitted to;
- * may be <code>null</code>, in this case the default URL will be used
- * @param dataURL DataURL to be sent as a parameter in the form
- */
- public String build(
- String htmlTemplate, String bkuURL, String xmlRequest, String dataURL, String certInfoXMLRequest, String certInfoDataURL)
- throws BuildException {
-
- String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate;
- String bku = bkuURL == null ? DEFAULT_BKU : bkuURL;
- htmlForm = replaceTag(htmlForm, BKU_TAG, bku);
- htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest));
- htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL);
- htmlForm = replaceTag(htmlForm, BKU_TAG, bku);
- htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest));
- htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL);
- return htmlForm;
- }
- /**
- * Encodes a string for inclusion as a parameter in the form.
- * Double quotes are substituted by <code>"&amp;quot;"</code>.
- * @param s the string to be encoded
- * @return the string encoded
- * @throws BuildException on any exception encountered
- */
- public static String encodeParameter(String s) throws BuildException {
- StringReader in = new StringReader(s);
- StringWriter out = new StringWriter();
- try {
- for (int ch = in.read(); ch >= 0; ch = in.read()) {
- if (ch == '"')
- out.write("&quot;");
- else if (ch == '<')
- out.write("&lt;");
- else if (ch == '>')
- out.write("&gt;");
- else if (ch == 'ä')
- out.write("&auml;");
- else if (ch == 'ö')
- out.write("&ouml;");
- else if (ch == 'ü')
- out.write("&uuml;");
- else if (ch == 'Ä')
- out.write("&Auml;");
- else if (ch == 'Ö')
- out.write("&Ouml;");
- else if (ch == 'Ü')
- out.write("&Uuml;");
- else if (ch == 'ß')
- out.write("&szlig;");
- else
- out.write(ch);
- }
- }
- catch (IOException ex) {
- throw new BuildException("builder.00", new Object[] {"GetIdentityLinkForm", ex.toString()});
- }
- return out.toString();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
deleted file mode 100644
index d3e100671..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the <code>&lt;InfoboxReadRequest&gt;</code> structure
- * used for requesting the identity link from the security layer implementation.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class InfoboxReadRequestBuilder implements Constants {
-
- /**
- * XML template for the <code>&lt;sl10:InfoboxReadRequest&gt;</code> to be built
- */
- String INFOBOX_READ_REQUEST =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" +
- "<sl10:InfoboxReadRequest xmlns:sl10=\"" + SL10_NS_URI + "\">" +
- "<sl10:InfoboxIdentifier>IdentityLink</sl10:InfoboxIdentifier>" +
- "<sl10:BinaryFileParameters ContentIsXMLEntity=\"true\"/>" +
- "</sl10:InfoboxReadRequest>";
-
- /**
- * Constructor for InfoboxReadRequestBuilder.
- */
- public InfoboxReadRequestBuilder() {
- }
- /**
- * Builds an <code>&lt;InfoboxReadRequest&gt;</code>.
- *
- * @return <code>&lt;InfoboxReadRequest&gt;</code> as String
- */
- public String build() {
- String request = INFOBOX_READ_REQUEST;
- return request;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
deleted file mode 100644
index 85ec1cb7f..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
+++ /dev/null
@@ -1,58 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Builder for the <code>lt;pr:Person&gt;</code> element to be inserted
- * in the authentication data <code>lt;saml:Assertion&gt;</code>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class PersonDataBuilder {
-
- /**
- * Constructor for PersonDataBuilder.
- */
- public PersonDataBuilder() {
- super();
- }
- /**
- * Builds the <code>&lt;pr:Person&gt;</code> element.<br/>
- * Utilizes the parsed <code>&lt;prPerson&gt;</code> from the identity link
- * and the information regarding inclusion of <code>"ZMR-Zahl"</code> in the
- * <code>&lt;pr:Person&gt;</code> data.
- *
- * @param identityLink <code>IdentityLink</code> containing the
- * attribute <code>prPerson</code>
- * @param provideZMRZahl true if <code>"ZMR-Zahl"</code> is to be included;
- * false otherwise
- * @return the <code>&lt;pr:Person&gt;</code> element as a String
- * @throws BuildException on any error
- */
- public String build(IdentityLink identityLink, boolean provideZMRZahl)
- throws BuildException {
-
- try {
- Element prPerson = (Element)identityLink.getPrPerson().cloneNode(true);
- if (! provideZMRZahl) {
- Node prIdentification = XPathUtils.selectSingleNode(prPerson, "pr:Identification");
- prPerson.removeChild(prIdentification);
- }
- String xmlString = DOMUtils.serializeNode(prPerson);
- return xmlString;
- }
- catch (Exception ex) {
- throw new BuildException(
- "builder.00",
- new Object[] {"PersonData", ex.toString()},
- ex);
- }
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
deleted file mode 100644
index 27e19e830..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
+++ /dev/null
@@ -1,60 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.ByteArrayOutputStream;
-import java.security.MessageDigest;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Builder for the SAML artifact, as defined in the
- * Browser/Artifact profile of SAML.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLArtifactBuilder {
-
- /**
- * Constructor for SAMLArtifactBuilder.
- */
- public SAMLArtifactBuilder() {
- super();
- }
-
- /**
- * Builds the SAML artifact, encoded BASE64.
- * <ul>
- * <li><code>TypeCode</code>: <code>0x0001</code>.</li>
- * <li><code>SourceID</code>: SHA-1 hash of the authURL</li>
- * <li><code>AssertionHandle</code>: SHA-1 hash of the <code>MOASessionID</code></li>
- * </ul>
- * @param authURL URL auf the MOA-ID Auth component to be used for construction
- * of <code>SourceID</code>
- * @param sessionID <code>MOASessionID</code> to be used for construction
- * of <code>AssertionHandle</code>
- * @return the 42-byte SAML artifact, encoded BASE64
- */
- public String build(String authURL, String sessionID) throws BuildException {
- try {
- MessageDigest md = MessageDigest.getInstance("SHA-1");
- byte[] sourceID = md.digest(authURL.getBytes());
- byte[] assertionHandle = md.digest(sessionID.getBytes());
- ByteArrayOutputStream out = new ByteArrayOutputStream(42);
- out.write(0);
- out.write(1);
- out.write(sourceID, 0, 20);
- out.write(assertionHandle, 0, 20);
- byte[] samlArtifact = out.toByteArray();
- String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
- return samlArtifactBase64;
- }
- catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] {"SAML Artifact, MOASessionID=" + sessionID, ex.toString()},
- ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java
deleted file mode 100644
index a4fb5579e..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java
+++ /dev/null
@@ -1,100 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/**
- * Builder for the <code>lt;samlp:Response&gt;</code> used for passing
- * result and status information from the <code>GetAuthenticationData</code>
- * web service.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLResponseBuilder implements Constants {
- /** XML - Template for samlp:Response */
- private static final String RESPONSE =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" +
- "<samlp:Response xmlns:samlp=\"" + SAMLP_NS_URI + "\" xmlns:saml=\"" + SAML_NS_URI + "\"" +
- " ResponseID=\"{0}\" InResponseTo=\"{1}\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"{2}\">" +
- " <samlp:Status>" +
- " <samlp:StatusCode Value=\"{3}\">" +
- " {4}" +
- " </samlp:StatusCode>" +
- " <samlp:StatusMessage>{5}</samlp:StatusMessage>" +
- " </samlp:Status>" +
- " {6}" +
- "</samlp:Response>";
- /** XML - Template for samlp:StatusCode */
- private static final String SUB_STATUS_CODE =
- "<samlp:StatusCode Value=\"{0}\"></samlp:StatusCode>";
-
- /**
- * Constructor for SAMLResponseBuilder.
- */
- public SAMLResponseBuilder() {
- super();
- }
- /**
- * Builds the SAML response.
- * @param responseID response ID
- * @param inResponseTo request ID of <code>lt;samlp:Request&gt;</code> responded to
- * @param issueInstant current timestamp
- * @param statusCode status code
- * @param subStatusCode sub-status code refining the status code; may be <code>null</code>
- * @param statusMessage status message
- * @param samlAssertion SAML assertion representing authentication data
- * @return SAML response as a DOM element
- */
- public Element build(
- String responseID,
- String inResponseTo,
- String issueInstant,
- String statusCode,
- String subStatusCode,
- String statusMessage,
- String samlAssertion)
- throws BuildException {
-
- try {
- String xmlSubStatusCode =
- subStatusCode == null ?
- "" :
- MessageFormat.format(SUB_STATUS_CODE, new Object[] {subStatusCode});
- String xmlResponse = MessageFormat.format(RESPONSE, new Object[] {
- responseID,
- inResponseTo,
- issueInstant,
- statusCode,
- xmlSubStatusCode,
- statusMessage,
- removeXMLDeclaration(samlAssertion) });
- Element domResponse = DOMUtils.parseDocument(xmlResponse, true, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- return domResponse;
- }
- catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] { "samlp:Response", ex.toString() },
- ex);
- }
- }
- /**
- * Removes the XML declaration from an XML expression.
- * @param xmlString XML expression as String
- * @return XML expression, XML declaration removed
- */
- private String removeXMLDeclaration(String xmlString) {
- if (xmlString.startsWith("<?xml")) {
- int firstElement = xmlString.indexOf("<", 1);
- return xmlString.substring(firstElement);
- }
- else return xmlString;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java
deleted file mode 100644
index 363cd65a3..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java
+++ /dev/null
@@ -1,63 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.BuildException;
-
-/**
- * Builder for the BKU selection form requesting the user to choose
- * a BKU from a list.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SelectBKUFormBuilder extends Builder {
- /** private static String NL contains the NewLine representation in Java*/
- private static final String nl = "\n";
- /** special tag in the HTML template to be substituted for the form action which is
- * a URL of MOA-ID Auth */
- private static final String ACTION_TAG = "<StartAuth>";
- /** special tag in the HTML template to be substituted for the <code>&lt;select;gt;</code> tag
- * containing the BKU selection options */
- private static final String SELECT_TAG = "<BKUSelect>";
- /**
- * Template for the default html-code to be returned as security-layer-selection to be built
- */
- private static final String DEFAULT_HTML_TEMPLATE =
- "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
- "<html>" + nl +
- "<head>" + nl +
- "<title>Auswahl der B&uuml;rgerkartenumgebung</title>" + nl +
- "</head>" + nl +
- "<body>" + nl +
- "<form name=\"BKUSelectionForm\"" + nl +
- " action=\"" + ACTION_TAG + "\"" + nl +
- " method=\"post\">" + nl +
- SELECT_TAG + nl +
- " <input type=\"submit\" value=\"B&uuml;rgerkartenumgebung ausw&auml;hlen\"/>" + nl +
- "</form>" + nl +
- "</body>" + nl +
- "</html>";
-
- /**
- * Constructor
- */
- public SelectBKUFormBuilder() {
- super();
- }
- /**
- * Method build. Builds the form
- * @param htmlTemplate to be used
- * @param startAuthenticationURL the url where the startAuthenticationServlet can be found
- * @param bkuSelectTag if a special bku should be used
- * @return String
- * @throws BuildException on any error
- */
- public String build(String htmlTemplate, String startAuthenticationURL, String bkuSelectTag)
- throws BuildException {
-
- String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate;
- htmlForm = replaceTag(htmlForm, ACTION_TAG, startAuthenticationURL);
- htmlForm = replaceTag(htmlForm, SELECT_TAG, bkuSelectTag);
- return htmlForm;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java
deleted file mode 100644
index c18156a01..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java
+++ /dev/null
@@ -1,52 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.security.MessageDigest;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Builder for the VPK, as defined in
- * <code>&quot;Ableitung f&uml;r die verfahrensspezifische Personenkennzeichnung&quot;</code>
- * version <code>1.0.1</code> from <code>&quot;reference.e-government.gv.at&quot;</code>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class VPKBuilder {
-
- /**
- * Builds the VPK from given parameters.
- * @param identificationValue "ZMR-Zahl"
- * @param dateOfBirth "Geburtsdatum"
- * @param target "Verfahrensname"; will be transformed to lower case
- * @return VPK in a BASE64 encoding
- * @throws BuildException while building the VPK
- */
- public String buildVPK(String identificationValue, String dateOfBirth, String target)
- throws BuildException {
-
- if (identificationValue == null || identificationValue.length() == 0
- || dateOfBirth == null || dateOfBirth.length() == 0
- || target == null || target.length() == 0)
- throw new BuildException(
- "builder.00",
- new Object[] {"VPK",
- "Unvollständige Parameterangaben: identificationValue=" + identificationValue +
- ",dateOfBirth=" + dateOfBirth + ",target=" + target});
- String basisbegriff = identificationValue + "+" + dateOfBirth + "+" + target.toLowerCase();
- try {
- MessageDigest md = MessageDigest.getInstance("SHA-1");
- byte[] hash = md.digest(basisbegriff.getBytes());
- String hashBase64 = Base64Utils.encode(hash);
- return hashBase64;
- }
- catch (Exception ex) {
- throw new BuildException(
- "builder.00",
- new Object[] {"VPK", ex.toString()},
- ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java
deleted file mode 100644
index 863162fd9..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java
+++ /dev/null
@@ -1,203 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Builder for the <code>&lt;VerifyXMLSignatureRequestBuilder&gt;</code> structure
- * used for sending the DSIG-Signature of the Security Layer card for validating to MOA-SP.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class VerifyXMLSignatureRequestBuilder {
- /** The MOA-Prefix */
- private static final String MOA = Constants.MOA_PREFIX + ":";
- /** the request as string */
- private String request;
- /** the request as DOM-Element */
- private Element reqElem;
-
- /**
- * Constructor for VerifyXMLSignatureRequestBuilder.
- */
- public VerifyXMLSignatureRequestBuilder() {}
- /**
- * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
- * from an IdentityLink with a known trustProfileID which
- * has to exist in MOA-SP
- * @param idl - The IdentityLink
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- * @return Element - The complete request as Dom-Element
- * @throws ParseException
- */
- public Element build(IdentityLink idl, String trustProfileID) throws ParseException
- { //samlAssertionObject
- request =
- "<?xml version='1.0' encoding='UTF-8' ?>"
- + "<VerifyXMLSignatureRequest xmlns=\"http://reference.e-government.gv.at/namespace/moa/20020822#\" xmlns:xml=\"http://www.w3.org/XML/1998/namespace\" xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">"
- + " <VerifySignatureInfo>"
- + " <VerifySignatureEnvironment>"
- + " <XMLContent xml:space=\"preserve\"/>"
- + " </VerifySignatureEnvironment>"
- + " <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>"
- + " </VerifySignatureInfo>"
- + " <SignatureManifestCheckParams ReturnReferenceInputData=\"false\">" // True bei CreateXMLSig Überprüfung
- +" <ReferenceInfo>" + " <VerifyTransformsInfoProfile/>"
- // Profile ID für create (alle auslesen aus IDCOnfig VerifyAuthBlock)
- +" </ReferenceInfo>" + " </SignatureManifestCheckParams>"
-
- // Testweise ReturnReferenceInputData = False
-
- +" <ReturnHashInputData/>"
- + " <TrustProfileID>"
- + trustProfileID
- + "</TrustProfileID>"
- + "</VerifyXMLSignatureRequest>";
-
- try {
- InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8"));
- reqElem = DOMUtils.parseXmlValidating(s);
-
- String CONTENT_XPATH =
- "//"
- + MOA
- + "VerifyXMLSignatureRequest/"
- + MOA
- + "VerifySignatureInfo/"
- + MOA
- + "VerifySignatureEnvironment/"
- + MOA
- + "XMLContent";
-
- Element insertTo =
- (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH);
- insertTo.appendChild(
- insertTo.getOwnerDocument().importNode(idl.getSamlAssertion(), true));
-
- String SIGN_MANI_CHECK_PARAMS_XPATH =
- "//"
- + MOA
- + "VerifyXMLSignatureRequest/"
- + MOA
- + "SignatureManifestCheckParams";
- insertTo =
- (Element) XPathUtils.selectSingleNode(
- reqElem,
- SIGN_MANI_CHECK_PARAMS_XPATH);
- insertTo.removeChild(
- (Element) XPathUtils.selectSingleNode(
- reqElem,
- SIGN_MANI_CHECK_PARAMS_XPATH + "/" + MOA + "ReferenceInfo"));
- Element[] dsigTransforms = idl.getDsigReferenceTransforms();
- for (int i = 0; i < 1; i++) //dsigTransforms.length; i++)
- {
- Element refInfo =
- insertTo.getOwnerDocument().createElementNS(
- Constants.MOA_NS_URI,
- "ReferenceInfo");
- insertTo.appendChild(refInfo);
- Element verifyTransformsInfoProfile =
- insertTo.getOwnerDocument().createElementNS(
- Constants.MOA_NS_URI,
- "VerifyTransformsInfoProfile");
- refInfo.appendChild(verifyTransformsInfoProfile);
- verifyTransformsInfoProfile.appendChild(
- insertTo.getOwnerDocument().importNode(dsigTransforms[i], true));
- }
- }
- catch (Throwable t) {
- throw new ParseException( //"VerifyXMLSignatureRequest (IdentityLink)");
- "builder.00",
- new Object[] { "VerifyXMLSignatureRequest (IdentityLink)" },
- t);
- }
-
- return reqElem;
- }
-
- /**
- * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
- * from an IdentityLink with a known trustProfileID which
- * has to exist in MOA-SP
- * @param idl - The IdentityLink
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- * @return Element - The complete request as Dom-Element
- * @throws ParseException
- */
- public Element build(
- CreateXMLSignatureResponse csr,
- String[] verifyTransformsInfoProfileID,
- String trustProfileID)
- throws ParseException { //samlAssertionObject
- request =
- "<?xml version='1.0' encoding='UTF-8' ?>"
- + "<VerifyXMLSignatureRequest xmlns=\"http://reference.e-government.gv.at/namespace/moa/20020822#\" xmlns:xml=\"http://www.w3.org/XML/1998/namespace\" xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">"
- + " <VerifySignatureInfo>"
- + " <VerifySignatureEnvironment>"
- + " <XMLContent xml:space=\"preserve\"/>"
- + " </VerifySignatureEnvironment>"
- + " <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>"
- + " </VerifySignatureInfo>"
- + " <SignatureManifestCheckParams ReturnReferenceInputData=\"true\">"
- + " <ReferenceInfo>";
-
- for (int i = 0; i < verifyTransformsInfoProfileID.length; i++) {
- request += " <VerifyTransformsInfoProfileID>" +
- verifyTransformsInfoProfileID[i] +
- "</VerifyTransformsInfoProfileID>";
- // Profile ID für create (auslesen aus IDCOnfig VerifyAuthBlock ODER per String übergeben....)
-
- }
-
- request += " </ReferenceInfo>"
- + " </SignatureManifestCheckParams>"
- // Testweise ReturnReferenceInputData = False
- +" <ReturnHashInputData/>"
- + " <TrustProfileID>"
- + trustProfileID
- + "</TrustProfileID>"
- + "</VerifyXMLSignatureRequest>";
-
- try {
- // Build a DOM-Tree of the obove String
- InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8"));
- reqElem = DOMUtils.parseXmlValidating(s);
- //Insert the SAML-Assertion-Object
- String CONTENT_XPATH =
- "//"
- + MOA
- + "VerifyXMLSignatureRequest/"
- + MOA
- + "VerifySignatureInfo/"
- + MOA
- + "VerifySignatureEnvironment/"
- + MOA
- + "XMLContent";
-
- Element insertTo =
- (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH);
- insertTo.appendChild(
- insertTo.getOwnerDocument().importNode(csr.getSamlAssertion(), true));
-
- }
- catch (Throwable t) {
- throw new ParseException(
- "builder.00",
- new Object[] { "VerifyXMLSignatureRequest" },
- t);
- }
-
- return reqElem;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
deleted file mode 100644
index ba4a9e367..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ /dev/null
@@ -1,220 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-import java.util.Date;
-
-
-/**
- * Session data to be stored between <code>AuthenticationServer</code> API calls.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationSession {
- /**
- * session ID
- */
- private String sessionID;
- /**
- * "Gesch&auml;ftsbereich" the online application belongs to
- */
- private String target;
- /**
- * public online application URL requested
- */
- private String oaURLRequested;
- /**
- * public online application URL prefix
- */
- private String oaPublicURLPrefix;
- /**
- * URL of MOA ID authentication component
- */
- private String authURL;
- /**
- * HTML template URL
- */
- private String templateURL;
- /**
- * identity link read from smartcard
- */
- private IdentityLink identityLink;
- /**
- * authentication block to be signed by the user
- */
- private String authBlock;
- /**
- * timestamp logging when authentication session has been created
- */
- private Date timestampStart;
- /**
- * timestamp logging when identity link has been received
- */
- private Date timestampIdentityLink;
-
- /**
- * Constructor for AuthenticationSession.
- *
- * @param id Session ID
- */
- public AuthenticationSession(String id) {
- sessionID = id;
- setTimestampStart();
- }
-
- /**
- * Returns the identityLink.
- * @return IdentityLink
- */
- public IdentityLink getIdentityLink() {
- return identityLink;
- }
-
- /**
- * Returns the sessionID.
- * @return String
- */
- public String getSessionID() {
- return sessionID;
- }
-
- /**
- * Sets the identityLink.
- * @param identityLink The identityLink to set
- */
- public void setIdentityLink(IdentityLink identityLink) {
- this.identityLink = identityLink;
- }
-
- /**
- * Sets the sessionID.
- * @param sessionID The sessionID to set
- */
- public void setSessionID(String sessionId) {
- this.sessionID = sessionId;
- }
-
- /**
- * Returns the oaURLRequested.
- * @return String
- */
- public String getOAURLRequested() {
- return oaURLRequested;
- }
-
- /**
- * Returns the oaURLRequested.
- * @return String
- */
- public String getPublicOAURLPrefix() {
- return oaPublicURLPrefix;
- }
-
- /**
- * Returns the target.
- * @return String
- */
- public String getTarget() {
- return target;
- }
-
- /**
- * Sets the oaURLRequested.
- * @param oaURLRequested The oaURLRequested to set
- */
- public void setOAURLRequested(String url) {
- this.oaURLRequested = url;
- }
-
- /**
- * Sets the oaPublicURLPrefix
- * @param url The oaPublicURLPrefix to set
- */
- public void setPublicOAURLPrefix(String url) {
- this.oaPublicURLPrefix = url;
- }
-
- /**
- * Sets the target.
- * @param target The target to set
- */
- public void setTarget(String target) {
- this.target = target;
- }
-
- /**
- * Returns the authURL.
- * @return String
- */
- public String getAuthURL() {
- return authURL;
- }
-
- /**
- * Sets the authURL.
- * @param authURL The authURL to set
- */
- public void setAuthURL(String authURL) {
- this.authURL = authURL;
- }
-
- /**
- * Returns the authBlock.
- * @return String
- */
- public String getAuthBlock() {
- return authBlock;
- }
-
- /**
- * Sets the authBlock.
- * @param authBlock The authBlock to set
- */
- public void setAuthBlock(String authBlock) {
- this.authBlock = authBlock;
- }
-
- /**
- * Returns the timestampIdentityLink.
- * @return Date
- */
- public Date getTimestampIdentityLink() {
- return timestampIdentityLink;
- }
-
- /**
- * Returns the timestampStart.
- * @return Date
- */
- public Date getTimestampStart() {
- return timestampStart;
- }
-
- /**
- * Sets the current date as timestampIdentityLink.
- */
- public void setTimestampIdentityLink() {
- timestampIdentityLink = new Date();
- }
-
- /**
- * Sets the current date as timestampStart.
- */
- public void setTimestampStart() {
- timestampStart = new Date();
- }
-
- /**
- * @return template URL
- */
- public String getTemplateURL() {
- return templateURL;
- }
-
- /**
- * @param string the template URL
- */
- public void setTemplateURL(String string) {
- templateURL = string;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java
deleted file mode 100644
index 81945f644..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java
+++ /dev/null
@@ -1,71 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-import org.w3c.dom.Element;
-
-/**
- * This bean saves all information of the CreateXMLSignature-Response:
- * a {@link SAMLAttribute} array, the SamlAssertion-Element and the
- * saml NameIdentifier
- *
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class CreateXMLSignatureResponse {
- /** the samlNameIdentifier */
-private String samlNameIdentifier;
- /** an array of saml-attributes */
-private SAMLAttribute[] samlAttributes;
- /**
- * the original saml:Assertion-Element
- */
- private Element samlAssertion;
-/**
- * Returns the samlAssertion.
- * @return Element
- */
-public Element getSamlAssertion() {
- return samlAssertion;
-}
-
-/**
- * Returns the samlAttribute.
- * @return SAMLAttribute[]
- */
-public SAMLAttribute[] getSamlAttributes() {
- return samlAttributes;
-}
-
-/**
- * Returns the samlNameIdentifier.
- * @return String
- */
-public String getSamlNameIdentifier() {
- return samlNameIdentifier;
-}
-
-/**
- * Sets the samlAssertion.
- * @param samlAssertion The samlAssertion to set
- */
-public void setSamlAssertion(Element samlAssertion) {
- this.samlAssertion = samlAssertion;
-}
-
-/**
- * Sets the samlAttribute.
- * @param samlAttribute The samlAttribute to set
- */
-public void setSamlAttributes(SAMLAttribute[] samlAttributes) {
- this.samlAttributes = samlAttributes;
-}
-
-/**
- * Sets the samlNameIdentifier.
- * @param samlNameIdentifier The samlNameIdentifier to set
- */
-public void setSamlNameIdentifier(String samlNameIdentifier) {
- this.samlNameIdentifier = samlNameIdentifier;
-}
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java
deleted file mode 100644
index e2ad2625a..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java
+++ /dev/null
@@ -1,189 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-import java.security.PublicKey;
-
-import org.w3c.dom.Element;
-
-
-/**
- * Data contained in an identity link issued by BMI, relevant to the MOA ID component.
- * <br><code>"IdentityLink"</code> is the translation of <code>"Personenbindung"</code>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class IdentityLink {
- /**
- * <code>"identificationValue"</code> is the translation of <code>"ZMR-Zahl"</code>.
- */
- private String identificationValue;
- /**
- * first name
- */
- private String givenName;
- /**
- * family name
- */
- private String familyName;
- /**
- * date of birth
- */
- private String dateOfBirth;
- /**
- * the original saml:Assertion-Element
- */
- private Element samlAssertion;
- /**
- * Element /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person
- */
- private Element prPerson;
- /**
- * we need for each dsig:Reference Element all
- * transformation elements
- */
- private Element[] dsigReferenceTransforms;
-
-
- /**
- * we need all public keys stored in
- * the identity link
- */
- private PublicKey[] publicKey;
-
- /**
- * Constructor for IdentityLink
- */
- public IdentityLink() {
- }
-
- /**
- * Returns the dateOfBirth.
- * @return Calendar
- */
- public String getDateOfBirth() {
- return dateOfBirth;
- }
-
- /**
- * Returns the familyName.
- * @return String
- */
- public String getFamilyName() {
- return familyName;
- }
-
- /**
- * Returns the givenName.
- * @return String
- */
- public String getGivenName() {
- return givenName;
- }
-
- /**
- * Returns the identificationValue.
- * <code>"identificationValue"</code> is the translation of <code>"ZMR-Zahl"</code>.
- * @return String
- */
- public String getIdentificationValue() {
- return identificationValue;
- }
-
- /**
- * Sets the dateOfBirth.
- * @param dateOfBirth The dateOfBirth to set
- */
- public void setDateOfBirth(String dateOfBirth) {
- this.dateOfBirth = dateOfBirth;
- }
-
- /**
- * Sets the familyName.
- * @param familyName The familyName to set
- */
- public void setFamilyName(String familyName) {
- this.familyName = familyName;
- }
-
- /**
- * Sets the givenName.
- * @param givenName The givenName to set
- */
- public void setGivenName(String givenName) {
- this.givenName = givenName;
- }
-
- /**
- * Sets the identificationValue.
- * <code>"identificationValue"</code> is the translation of <code>"ZMR-Zahl"</code>.
- * @param identificationValue The identificationValue to set
- */
- public void setIdentificationValue(String identificationValue) {
- this.identificationValue = identificationValue;
- }
-
- /**
- * Returns the samlAssertion.
- * @return Element
- */
- public Element getSamlAssertion() {
- return samlAssertion;
- }
-
- /**
- * Sets the samlAssertion.
- * @param samlAssertion The samlAssertion to set
- */
- public void setSamlAssertion(Element samlAssertion) {
- this.samlAssertion = samlAssertion;
- }
-
- /**
- * Returns the dsigReferenceTransforms.
- * @return Element[]
- */
- public Element[] getDsigReferenceTransforms() {
- return dsigReferenceTransforms;
- }
-
- /**
- * Sets the dsigReferenceTransforms.
- * @param dsigReferenceTransforms The dsigReferenceTransforms to set
- */
- public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) {
- this.dsigReferenceTransforms = dsigReferenceTransforms;
- }
-
- /**
- * Returns the publicKey.
- * @return PublicKey[]
- */
- public PublicKey[] getPublicKey() {
- return publicKey;
- }
-
- /**
- * Sets the publicKey.
- * @param publicKey The publicKey to set
- */
- public void setPublicKey(PublicKey[] publicKey) {
- this.publicKey = publicKey;
- }
-
- /**
- * Returns the prPerson.
- * @return Element
- */
- public Element getPrPerson() {
- return prPerson;
- }
-
- /**
- * Sets the prPerson.
- * @param prPerson The prPerson to set
- */
- public void setPrPerson(Element prPerson) {
- this.prPerson = prPerson;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java
deleted file mode 100644
index c787b2a81..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java
+++ /dev/null
@@ -1,78 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-/**
- * This bean saves all data of a single SAMLAttribute:
- * the name, value and namespace
- *
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class SAMLAttribute {
-/** the name to be stored */
-private String name;
-/** the namespace to be stored */
-private String namespace;
-/** the value to be stored */
-private String value;
-
- /**
- * Constructor for SAMLAttribute.
- */
- public SAMLAttribute(String name, String namespace, String value) {
-
- this.name = name;
- this.namespace = namespace;
- this.value = value;
-
- }
-
-/**
- * Returns the name.
- * @return String
- */
-public String getName() {
- return name;
-}
-
-/**
- * Returns the namespace.
- * @return String
- */
-public String getNamespace() {
- return namespace;
-}
-
-/**
- * Returns the value.
- * @return String
- */
-public String getValue() {
- return value;
-}
-
-/**
- * Sets the name.
- * @param name The name to set
- */
-public void setName(String name) {
- this.name = name;
-}
-
-/**
- * Sets the namespace.
- * @param namespace The namespace to set
- */
-public void setNamespace(String namespace) {
- this.namespace = namespace;
-}
-
-/**
- * Sets the value.
- * @param value The value to set
- */
-public void setValue(String value) {
- this.value = value;
-}
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java
deleted file mode 100644
index 8233d1478..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java
+++ /dev/null
@@ -1,177 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-import iaik.x509.X509Certificate;
-
-/**
- * This bean saves all information of the MOA-SP-Answer
- * after the verification of any signature
- *
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class VerifyXMLSignatureResponse {
- /** The xmlDsigSubjectName to be stored */
- private String xmlDsigSubjectName;
- /** The signatureCheckCode to be stored */
- private int signatureCheckCode;
- /** The xmlDSIGManifestCheckCode to be stored */
- private int xmlDSIGManifestCheckCode;
- /** The xmlDSIGManigest to be stored */
- private boolean xmlDSIGManigest;
- /** The certificateCheckCode to be stored */
- private int certificateCheckCode;
- /** The publicAuthority to be stored */
- private boolean publicAuthority;
- /** The publicAuthorityCode to be stored */
- private String publicAuthorityCode;
- /** The qualifiedCertificate to be stored */
- private boolean qualifiedCertificate;
- /** The x509certificate to be stored */
- private X509Certificate x509certificate;
-
- /**
- * Returns the certificateCheckCode.
- * @return int
- */
- public int getCertificateCheckCode() {
- return certificateCheckCode;
- }
-
- /**
- * Returns the signatureCheckCode.
- * @return int
- */
- public int getSignatureCheckCode() {
- return signatureCheckCode;
- }
-
- /**
- * Returns the xmlDSIGManifestCheckCode.
- * @return int
- */
- public int getXmlDSIGManifestCheckCode() {
- return xmlDSIGManifestCheckCode;
- }
-
- /**
- * Returns the xmlDsigSubjectName.
- * @return String
- */
- public String getXmlDsigSubjectName() {
- return xmlDsigSubjectName;
- }
-
- /**
- * Sets the certificateCheckCode.
- * @param certificateCheckCode The certificateCheckCode to set
- */
- public void setCertificateCheckCode(int certificateCheckCode) {
- this.certificateCheckCode = certificateCheckCode;
- }
-
- /**
- * Sets the signatureCheckCode.
- * @param signatureCheckCode The signatureCheckCode to set
- */
- public void setSignatureCheckCode(int signatureCheckCode) {
- this.signatureCheckCode = signatureCheckCode;
- }
-
- /**
- * Sets the xmlDSIGManifestCheckCode.
- * @param xmlDSIGManifestCheckCode The xmlDSIGManifestCheckCode to set
- */
- public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) {
- this.xmlDSIGManifestCheckCode = xmlDSIGManifestCheckCode;
- }
-
- /**
- * Sets the xmlDsigSubjectName.
- * @param xmlDsigSubjectName The xmlDsigSubjectName to set
- */
- public void setXmlDsigSubjectName(String xmlDsigSubjectName) {
- this.xmlDsigSubjectName = xmlDsigSubjectName;
- }
-
- /**
- * Returns the publicAuthorityCode.
- * @return int
- */
- public String getPublicAuthorityCode() {
- return publicAuthorityCode;
- }
-
- /**
- * Sets the publicAuthorityCode.
- * @param publicAuthorityCode The publicAuthorityCode to set
- */
- public void setPublicAuthorityCode(String publicAuthorityCode) {
- this.publicAuthorityCode = publicAuthorityCode;
- }
-
- /**
- * Returns the qualifiedCertificate.
- * @return boolean
- */
- public boolean isQualifiedCertificate() {
- return qualifiedCertificate;
- }
-
- /**
- * Returns the x509certificate.
- * @return X509Certificate
- */
- public X509Certificate getX509certificate() {
- return x509certificate;
- }
-
- /**
- * Sets the qualifiedCertificate.
- * @param qualifiedCertificate The qualifiedCertificate to set
- */
- public void setQualifiedCertificate(boolean qualifiedCertificate) {
- this.qualifiedCertificate = qualifiedCertificate;
- }
-
- /**
- * Sets the x509certificate.
- * @param x509certificate The x509certificate to set
- */
- public void setX509certificate(X509Certificate x509certificate) {
- this.x509certificate = x509certificate;
- }
-
- /**
- * Returns the xmlDSIGManigest.
- * @return boolean
- */
- public boolean isXmlDSIGManigest() {
- return xmlDSIGManigest;
- }
-
- /**
- * Sets the xmlDSIGManigest.
- * @param xmlDSIGManigest The xmlDSIGManigest to set
- */
- public void setXmlDSIGManigest(boolean xmlDSIGManigest) {
- this.xmlDSIGManigest = xmlDSIGManigest;
- }
-
- /**
- * Returns the publicAuthority.
- * @return boolean
- */
- public boolean isPublicAuthority() {
- return publicAuthority;
- }
-
- /**
- * Sets the publicAuthority.
- * @param publicAuthority The publicAuthority to set
- */
- public void setPublicAuthority(boolean publicAuthority) {
- this.publicAuthority = publicAuthority;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id.server/src/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
deleted file mode 100644
index 8faa69260..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package at.gv.egovernment.moa.id.auth.invoke;
-
-import java.util.Vector;
-
-import javax.xml.namespace.QName;
-import javax.xml.rpc.Call;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.ServiceFactory;
-
-import org.apache.axis.message.SOAPBodyElement;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
-import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
-import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
-
-/**
- * Invoker of the <code>SignatureVerification</code> web service of MOA-SPSS.<br>
- * Either invokes the web service, or calls the corresponding API, depending on configuration data.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class SignatureVerificationInvoker {
- /** This QName Object identifies the SignatureVerification endpoint of the web service */
- private static final QName SERVICE_QNAME = new QName("SignatureVerification");
-
- /**
- * Method verifyXMLSignature.
- * @param request to be sent
- * @return Element with the answer
- * @throws ServiceException if an error occurs
- */
- public Element verifyXMLSignature(Element request) throws ServiceException {
- return doCall(SERVICE_QNAME, request);
- }
-
- /**
- * Method doCall.
- * @param serviceName the name of the service
- * @param request the request to be sent
- * @return Element the answer
- * @throws ServiceException if an error occurs
- */
- protected Element doCall(QName serviceName, Element request) throws ServiceException {
- ConnectionParameter authConnParam = null;
- try {
- Service service = ServiceFactory.newInstance().createService(serviceName);
- Call call = service.createCall();
- SOAPBodyElement body = new SOAPBodyElement(request);
- SOAPBodyElement[] params = new SOAPBodyElement[] { body };
- Vector responses;
- SOAPBodyElement response;
-
- String endPoint;
- AuthConfigurationProvider authConfigProvider = AuthConfigurationProvider.getInstance();
- authConnParam = authConfigProvider.getMoaSpConnectionParameter();
-
- //If the ConnectionParameter do NOT exist, we try to get the api to work....
- if (authConnParam != null) {
- endPoint = authConnParam.getUrl();
- call.setTargetEndpointAddress(endPoint);
- responses = (Vector) call.invoke(serviceName, params);
- response = (SOAPBodyElement) responses.get(0);
- return response.getAsDOM();
- }
- else {
- SignatureVerificationService svs = SignatureVerificationService.getInstance();
- VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request);
- VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
-
- Document result = new VerifyXMLSignatureResponseBuilder().build(vsresponse);
- Logger.setHierarchy("moa.id.auth");
- return result.getDocumentElement();
- }
- }
- catch (Exception ex) {
- if (authConnParam != null)
- throw new ServiceException("service.00", new Object[] { ex.toString()}, ex);
- else
- throw new ServiceException("service.03", new Object[] { ex.toString()}, ex);
- }
- }
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java
deleted file mode 100644
index 1079a48de..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java
+++ /dev/null
@@ -1,140 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.SAMLAttribute;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an <code>&lt;InfoboxReadResponse&gt;</code> returned from
- * the security layer
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class CreateXMLSignatureResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SL10 = Constants.SL10_PREFIX + ":";
- /** Xpath prefix for reaching SecurityLayer 1.1 Namespaces */
- private static final String SL11 = Constants.SL11_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SL11 + "CreateXMLSignatureResponse/";
- /** Xpath expression to the SAML:Assertion element */
- private static final String SAML_ASSERTION_XPATH = ROOT + SAML + "Assertion";
- /** Xpath expression to the SAML:NameIdentifier element */
- private static final String SAML_SUBJECT_NAME_IDENTIFIER_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Subject/" + SAML + "NameIdentifier";
- /** Xpath expression to the AttributeStatement element */
- private static final String SAML_ATTRIBUTE_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Attribute";
- /** Xpath expression to the AttributeValue element */
- private static final String SAML_ATTRIBUTE_VALUE_XPATH = SAML + "AttributeValue";
-
- /** This is the root element of the XML-Document provided by the Security Layer Card */
- private Element sigResponse;
-
- /**
- * Constructor for CreateXMLSignatureResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as String
- * @throws AuthenticationException if any authentication error occurs
- * @throws ParseException if an element cannot be parsed
- */
- public CreateXMLSignatureResponseParser(String xmlResponse) throws AuthenticationException, ParseException {
- ErrorResponseParser erp = new ErrorResponseParser(xmlResponse);
- if (erp.getErrorCode() != null) {
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- try {
-
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- sigResponse = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for CreateXMLSignatureResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
- * @throws AuthenticationException if any Authentication error occurs
- * @throws ParseException if an element cannot be parsed
- */
- public CreateXMLSignatureResponseParser(InputStream is) throws AuthenticationException, ParseException {
-
- ErrorResponseParser erp = new ErrorResponseParser(is);
- if (erp.getErrorCode() != null) {
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- try {
-
- sigResponse = DOMUtils.parseXmlValidating(is);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for CreateXMLSignatureResponseParser.
- * The incoming Element will be used for further operations
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
- */
- public CreateXMLSignatureResponseParser(Element xmlResponse) {
- sigResponse = xmlResponse;
-
- }
-
- /**
- * Parses the identity link from <code>&lt;InfoboxReadResponse&gt;</code>
- * @return Identity link
- * @throws ParseException
- */
-
- public CreateXMLSignatureResponse parseResponse() throws ParseException {
- CreateXMLSignatureResponse cResp;
- try {
-
- cResp = new CreateXMLSignatureResponse();
- cResp.setSamlNameIdentifier(XPathUtils.getElementValue(sigResponse, SAML_SUBJECT_NAME_IDENTIFIER_XPATH, null));
- cResp.setSamlAssertion((Element) XPathUtils.selectSingleNode(sigResponse, SAML_ASSERTION_XPATH));
- NodeIterator attrIter = XPathUtils.selectNodeIterator(sigResponse, SAML_ATTRIBUTE_XPATH);
- Element samlAttr;
- List samlAttributes = new ArrayList();
- while ((samlAttr = (Element) attrIter.nextNode()) != null) {
- String attrName = XPathUtils.getAttributeValue(samlAttr, "@AttributeName", "");
- String attrNamespace = XPathUtils.getAttributeValue(samlAttr, "@AttributeNamespace", "");
- String attrValue = XPathUtils.getElementValue(samlAttr, SAML_ATTRIBUTE_VALUE_XPATH, "");
- samlAttributes.add(new SAMLAttribute(attrName, attrNamespace, attrValue));
- }
- SAMLAttribute[] result = new SAMLAttribute[samlAttributes.size()];
- samlAttributes.toArray(result);
- cResp.setSamlAttributes(result);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- return cResp;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ECDSAKeyValueConverter.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/ECDSAKeyValueConverter.java
deleted file mode 100644
index c28cfac76..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ECDSAKeyValueConverter.java
+++ /dev/null
@@ -1,350 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import iaik.security.ecc.ecdsa.ECDSAParameter;
-import iaik.security.ecc.ecdsa.ECPublicKey;
-import iaik.security.ecc.math.ecgroup.ECGroupFactory;
-import iaik.security.ecc.math.ecgroup.ECPoint;
-import iaik.security.ecc.math.ecgroup.EllipticCurve;
-import iaik.security.ecc.math.ecgroup.ProjectiveCoordinate;
-import iaik.security.ecc.math.field.Field;
-import iaik.security.ecc.math.field.FieldElement;
-import iaik.security.ecc.math.field.FieldFactory;
-import iaik.security.ecc.math.field.Value;
-import iaik.security.ecc.parameter.ECCParameterFactory;
-import iaik.security.ecc.spec.ECCParameterSpec;
-import java.math.BigInteger;
-import java.security.PublicKey;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Vector;
-import java.net.URL;
-import org.w3c.dom.Attr;
-import org.w3c.dom.Element;
-import org.w3c.dom.NamedNodeMap;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class ECDSAKeyValueConverter
-{
- /** Namespaces */
- public static final String NAMESPACE_XSI = "http://www.w3.org/2001/XMLSchema-instance";
-
- /**
- * Method element2ECDSAPublicKey.
- * @param keyValueElem a DomElement containing an ECDSA Public Key
- * @return PublicKey a java.security.publicKey - object
- * @throws Exception on any error
- */
-
- public static PublicKey element2ECDSAPublicKey(Element keyValueElem) throws Exception
- {
- String ecdsaNS = Constants.ECDSA_NS_URI;
- // Domain parameters
- Element domainParams = getChildElement(keyValueElem, ecdsaNS, "DomainParameters", 1);
- if (domainParams == null) throw new Exception("Domain parameters must not be implicit.");
- Element namedCurve = getChildElement(domainParams, ecdsaNS, "NamedCurve", 1);
- ECCParameterSpec eccParameterSpec;
- if (namedCurve != null)
- {
- URL curveNameURN = new URL(namedCurve.getAttributeNS(null, "URN"));
- ECCParameterFactory eccParamFactory = ECCParameterFactory.getInstance();
- eccParameterSpec = eccParamFactory.getParameterByOID(curveNameURN.getPath().substring(4));
- }
- else
- {
- Element excplicitParams = getChildElement(domainParams, ecdsaNS, "ExplicitParams", 1);
- Element fieldParams = getChildElement(excplicitParams, ecdsaNS, "FieldParams", 1);
- Element curveParams = getChildElement(excplicitParams, ecdsaNS, "CurveParams", 1);
- Element basePointParams = getChildElement(excplicitParams, ecdsaNS, "BasePointParams", 1);
-
- // Field parameters
- String fieldParamsTypeStr = fieldParams.getAttributeNS(NAMESPACE_XSI, "type");
- String ecdsaNSPrefix = getECDSANSPrefix(fieldParams);
- BigInteger p = null;
- int fieldParamsType = 0;
- final int FIELD_TYPE_PRIME = 1;
- final int FIELD_TYPE_TNB = 2;
- final int FIELD_TYPE_PNB = 3;
- int m = -1, k = -1, k1 = -1, k2 = -1, k3 = -1;
- if (fieldParamsTypeStr.equals(ecdsaNSPrefix + ":PrimeFieldParamsType"))
- {
- fieldParamsType = FIELD_TYPE_PRIME;
- String pStr = getChildElementText(fieldParams, ecdsaNS, "P", 1);
- p = new BigInteger(pStr, 10);
- }
- else if (fieldParamsTypeStr.equals(ecdsaNSPrefix + ":TnBFieldParamsType"))
- {
- fieldParamsType = FIELD_TYPE_TNB;
- String mStr = getChildElementText(fieldParams, ecdsaNS, "M", 1);
- m = Integer.parseInt(mStr);
- String kStr = getChildElementText(fieldParams, ecdsaNS, "K", 1);
- k = Integer.parseInt(kStr);
- }
- else if (fieldParamsTypeStr.equals(ecdsaNSPrefix + ":PnBFieldParamsType"))
- {
- fieldParamsType = FIELD_TYPE_PNB;
- String mStr = getChildElementText(fieldParams, ecdsaNS, "M", 1);
- m = Integer.parseInt(mStr);
- String k1Str = getChildElementText(fieldParams, ecdsaNS, "K1", 1);
- k1 = Integer.parseInt(k1Str);
- String k2Str = getChildElementText(fieldParams, ecdsaNS, "K2", 1);
- k2 = Integer.parseInt(k2Str);
- String k3Str = getChildElementText(fieldParams, ecdsaNS, "K3", 1);
- k3 = Integer.parseInt(k3Str);
- }
- else throw new Exception("Unknown field parameters.");
-
- // Curve parameters
- Element aElem = getChildElement(curveParams, ecdsaNS, "A", 1);
- String aStr = aElem.getAttributeNS(null, "Value");
- Element bElem = getChildElement(curveParams, ecdsaNS, "B", 1);
- String bStr = bElem.getAttributeNS(null, "Value");
- String seedStr = getChildElementText(curveParams, ecdsaNS, "Seed", 1);
- BigInteger seed = (seedStr != null) ? new BigInteger(seedStr, 10) : null;
-
- // Base point parameters
- Element basePoint = getChildElement(basePointParams, ecdsaNS, "BasePoint", 1);
- Element basePointXElem = getChildElement(basePoint, ecdsaNS, "X", 1);
- String basePointXStr = basePointXElem.getAttributeNS(null, "Value");
- Element basePointYElem = getChildElement(basePoint, ecdsaNS, "Y", 1);
- String basePointYStr = basePointYElem.getAttributeNS(null, "Value");
- String orderStr = getChildElementText(basePointParams, ecdsaNS, "Order", 1);
- BigInteger order = new BigInteger(orderStr, 10);
- String cofactorStr = getChildElementText(basePointParams, ecdsaNS, "Cofactor", 1);
- BigInteger cofactor = (cofactorStr != null) ? new BigInteger(cofactorStr, 10) : null;
-
- if (fieldParamsType == FIELD_TYPE_PRIME)
- {
- BigInteger a = new BigInteger(aStr, 10);
- BigInteger b = new BigInteger(bStr, 10);
- BigInteger basePointX = new BigInteger(basePointXStr, 10);
- BigInteger basePointY = new BigInteger(basePointYStr, 10);
- eccParameterSpec = new ECCParameterSpec(p, cofactor, order, seed, null, a, b, basePointX,
- basePointY, null);
- }
- else
- {
- int[] irreducible = new int[m/32 + ((m % 32 != 0) ? 1 : 0)];
- if (fieldParamsType == FIELD_TYPE_TNB)
- {
- irreducible[m/32] = 1 << m % 32;
- irreducible[k/32] += 1 << k % 32;
- irreducible[0] += 1;
- }
- else
- {
- irreducible[m/32] = 1 << m % 32;
- irreducible[k3/32] += 1 << k3 % 32;
- irreducible[k2/32] += 1 << k2 % 32;
- irreducible[k1/32] += 1 << k1 % 32;
- irreducible[0] += 1;
- }
- eccParameterSpec = new ECCParameterSpec(irreducible, cofactor, order, octetString2IntArray(aStr),
- octetString2IntArray(bStr), octetString2IntArray(basePointXStr),
- octetString2IntArray(basePointYStr), null);
- }
- }
-
- // Public key
- Element publicKeyElem = getChildElement(keyValueElem, ecdsaNS, "PublicKey", 1);
- Element publicKeyXElem = getChildElement(publicKeyElem, ecdsaNS, "X", 1);
- String publicKeyXStr = publicKeyXElem.getAttributeNS(null, "Value");
- Element publicKeyYElem = getChildElement(publicKeyElem, ecdsaNS, "Y", 1);
- String publicKeyYStr = publicKeyYElem.getAttributeNS(null, "Value");
-
- ECDSAParameter ecdsaParams = new ECDSAParameter(eccParameterSpec, false);
- ECGroupFactory ecGroupFactory = ECGroupFactory.getInstance();
- EllipticCurve eCurve = ecGroupFactory.getCurveWithProjective(eccParameterSpec.getA(),
- eccParameterSpec.getB(), eccParameterSpec.getR());
- Field field = eCurve.getField();
-
- // Detect type of public key field elements
- String elementType = publicKeyXElem.getAttributeNS(NAMESPACE_XSI, "type");
- String elementTypeLocalName = elementType.substring(elementType.indexOf(':') + 1);
- int FIELD_TYPE_PRIME = 1, FIELD_TYPE_CHAR_TWO = 2;
- int fieldElemType = ("PrimeFieldElemType".equals(elementTypeLocalName))
- ? FIELD_TYPE_PRIME
- : FIELD_TYPE_CHAR_TWO;
-
- FieldElement publicKeyPointX, publicKeyPointY;
- if (fieldElemType == FIELD_TYPE_PRIME)
- {
- Value xValue = FieldFactory.getInstance().getPrimeFieldValue(new BigInteger(publicKeyXStr, 10));
- publicKeyPointX = field.newElement(xValue);
- Value yValue = FieldFactory.getInstance().getPrimeFieldValue(new BigInteger(publicKeyYStr, 10));
- publicKeyPointY = field.newElement(yValue);
- }
- else
- {
- publicKeyPointX = field.newElement(octetString2ByteArray(publicKeyXStr));
- publicKeyPointY = field.newElement(octetString2ByteArray(publicKeyYStr));
- }
- ProjectiveCoordinate publicKeyPointCoordinate = new ProjectiveCoordinate(publicKeyPointX,
- publicKeyPointY, field.getONEelement());
- ECPoint publicKeyPoint = eCurve.newPoint(publicKeyPointCoordinate);
- ECPublicKey publicKey = new ECPublicKey(ecdsaParams, publicKeyPoint);
-
- return publicKey;
- }
-
- /**
- * Method getECDSANSPrefix.
- * @param element to get the prefix
- * @return String the prefix
- */
- private static String getECDSANSPrefix(Element element)
- {
- // FIXXME: Review this function (GK, 11.06.2002) - should return a list of strings, since more than
- // one NS prefix can be bound to the ECDSA namespace
-
- HashMap inScopeNSAttrs = getInScopeNSAttrs(element);
- Iterator inScopeNSAttrsIt = inScopeNSAttrs.keySet().iterator();
- while (inScopeNSAttrsIt.hasNext())
- {
- Attr currentAttr = (Attr)inScopeNSAttrs.get(inScopeNSAttrsIt.next());
- if (Constants.ECDSA_NS_URI.equals(currentAttr.getValue()))
- {
- return ("xmlns".equals(currentAttr.getNodeName())) ? "" : currentAttr.getNodeName().substring(6);
- }
- }
- return null;
- }
-
- /**
- * Method octetString2IntArray.
- * Converts an octet string representation into an int array as needed for the IAIK ECC library
- * @param octetString rightmost byte is least significant byte
- * @return int[] rightmost byte is LEAST significant byte
- */
- private static int[] octetString2IntArray(String octetString)
- {
- int byteCount = octetString.length()/2;
- int[] intArray = new int[byteCount/4 + ((byteCount % 4 != 0) ? 1 : 0)];
- for (int i = 0; i < byteCount; i++)
- {
- int oSStartPos = octetString.length() - (i + 1) * 2;
- int currentByte = Integer.parseInt(octetString.substring(oSStartPos, oSStartPos + 2), 16);
- intArray[i/4] += (currentByte & 0xFF) << ((i % 4) * 8);
- }
- return intArray;
- }
-
- /**
- * Converts an octet string representation into a byte array as needed for the IAIK ECC library
- * @param octetString rightmost byte is least significant byte
- * @return byte[] rightmost byte is MOST significant byte
- */
- private static byte[] octetString2ByteArray(String octetString)
- {
- int byteCount = octetString.length()/2;
- byte[] byteArray = new byte[byteCount];
- for (int i = 0; i < byteCount; i++)
- {
- int oSStartPos = octetString.length() - (i + 1) * 2;
- byteArray[byteCount - i - 1] = (byte) Integer.parseInt(octetString.substring(
- oSStartPos, oSStartPos + 2), 16);
- }
- return byteArray;
- }
-
- /**
- * Method evenStringLength.
- * @param hexString
- * @return String
- */
-
- private static String evenStringLength(String hexString)
- {
- return (hexString.length() % 2 != 0) ? "0" + hexString : hexString;
- }
-
- /**
- * Method getChildElement.
- * @param parent
- * @param namespace
- * @param localName
- * @param instance
- * @return Element
- */
-
- private static Element getChildElement(Element parent, String namespace, String localName,
- int instance)
- {
- NodeList namedElements = parent.getElementsByTagNameNS(namespace, localName);
- if (namedElements.getLength() < instance) return null;
- return (Element)namedElements.item(instance - 1);
- }
-
- /**
- * Method getChildElementText.
- * @param parent Element
- * @param namespace String
- * @param localName String
- * @param instance int
- * @return String
- */
-
- private static String getChildElementText(Element parent, String namespace, String localName,
- int instance)
- {
- Element child = getChildElement(parent, namespace, localName, instance);
- if (child == null) return null;
- NodeList childNodes = child.getChildNodes();
- int nodeCount = 0;
- while (nodeCount < childNodes.getLength())
- {
- Node currentNode = childNodes.item(nodeCount);
- if (currentNode.getNodeType() == Node.TEXT_NODE) return currentNode.getNodeValue();
- nodeCount++;
- }
- return null;
- }
-
- /**
- * Method getInScopeNSAttrs.
- * @param element element
- * @return HashMap
- */
- public static HashMap getInScopeNSAttrs(Element element)
- {
- // Get all ancestors of element
- Vector ancestors = new Vector();
- ancestors.add(element);
- Node currentAncestor = element;
- while ((currentAncestor = currentAncestor.getParentNode()) != null &&
- currentAncestor.getNodeType() == Node.ELEMENT_NODE)
- {
- ancestors.add(currentAncestor);
- }
-
- // Scan all ancestors for NS attributes
- HashMap inScopeNSAttrs = new HashMap();
- for (int i = ancestors.size() - 1; i >= 0; i--)
- {
- Element currentAncestorElem = (Element)ancestors.get(i);
- NamedNodeMap attrs = currentAncestorElem.getAttributes();
- for (int j = 0; j < attrs.getLength(); j++)
- {
- Attr currentAttr = (Attr)attrs.item(j);
- String currentAttrName = currentAttr.getNodeName();
- if ("xmlns".equals(currentAttrName) || currentAttrName.startsWith("xmlns:"))
- {
- inScopeNSAttrs.put(currentAttrName, currentAttr);
- }
- }
- }
-
- // Check if default NS attribute is in list; if value is empty remove it from list
- Attr defaultNSAttr = (Attr)inScopeNSAttrs.get("xmlns");
- if (defaultNSAttr != null && "".equals(defaultNSAttr.getValue())) inScopeNSAttrs.remove("xmlns");
-
- return inScopeNSAttrs;
- }
-} \ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java
deleted file mode 100644
index 4fbc58977..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java
+++ /dev/null
@@ -1,89 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an <code>&lt;InfoboxReadResponse&gt;</code>.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class ErrorResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SL10 = Constants.SL10_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SL10 + "ErrorResponse/";
- /** Xpath expression to the ErrorCode element */
- private static final String ERROR_CODE_XPATH =
- ROOT + SL10 + "ErrorCode";
- /** Xpath expression to the Info element */
- private static final String ERROR_INFO_XPATH =
- ROOT + SL10 + "Info";
-
-
- /** This is the root element of the XML-Document provided by the Security Layer Card */
- private Element errorElement;
-
- /**
- * Constructor for InfoboxReadResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as String
- * @throws ParseException on any error
- */
- public ErrorResponseParser(String xmlResponse) throws ParseException {
- try {
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- errorElement = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for InfoboxReadResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
- * @throws ParseException on any error
- */
- public ErrorResponseParser(InputStream xmlResponse) throws ParseException {
- try {
- errorElement = DOMUtils.parseXmlValidating(xmlResponse);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
- /**
- * Method getErrorCode. returns the error code
- * @return String
- */
- public String getErrorCode() {
-
- return XPathUtils.getElementValue(errorElement,ERROR_CODE_XPATH,null);
- }
-
- /**
- * Method getErrorInfo: returns the information about the error
- * @return String
- */
- public String getErrorInfo() {
-
- return XPathUtils.getElementValue(errorElement,ERROR_INFO_XPATH,null);
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
deleted file mode 100644
index f9ef54884..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
+++ /dev/null
@@ -1,266 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.security.interfaces.RSAPublicKey;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.security.PublicKey;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an identity link <code>&lt;saml:Assertion&gt;</code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class IdentityLinkAssertionParser {
-
- //
- // XPath namespace prefix shortcuts
- //
-
- /** Xpath prefix for reaching PersonData Namespaces */
- private static final String PDATA = Constants.PD_PREFIX + ":";
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SL10 = Constants.SL10_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath prefix for reaching ECDS Namespaces */
- private static final String ECDSA = Constants.ECDSA_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SAML + "Assertion/";
- /** Xpath expression to the SAMLSubjectConfirmationData element */
- private static final String SAML_SUBJECT_CONFIRMATION_DATA_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Subject/"
- + SAML
- + "SubjectConfirmation/"
- + SAML
- + "SubjectConfirmationData";
- /** Xpath expression to the PersonData element */
- private static final String PERSON_XPATH =
- SAML_SUBJECT_CONFIRMATION_DATA_XPATH
- + "/"
- + PDATA
- + "Person";
- /** Xpath expression to the PersonData GivenName element */
- private static final String PERSON_GIVEN_NAME_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Name/"
- + PDATA
- + "GivenName";
- /** Xpath expression to the PersonData FamilyName element */
- private static final String PERSON_FAMILY_NAME_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Name/"
- + PDATA
- + "FamilyName";
- /** Xpath expression to the PersonData DateOfBirth element */
- private static final String PERSON_DATE_OF_BIRTH_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "DateOfBirth";
- /** Xpath expression to the Identification element */
- private static final String PERSON_IDENT_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Identification";
-
- /** Xpath expression to the Identification Value element */
- private static final String PERSON_IDENT_VALUE_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Identification/"
- + PDATA
- + "Value";
- /** Xpath expression to the RSAKeyValue element */
- private static final String RSA_KEY_VALUE_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Attribute/"
- + SAML
- + "AttributeValue/"
- + DSIG
- + "RSAKeyValue";
- /** Xpath expression to the RSA Modulus element */
- private static final String RSA_KEY_MODULUS_XPATH = DSIG + "Modulus";
- /** Xpath expression to the RSA Exponent element */
- private static final String RSA_KEY_EXPONENT_XPATH = DSIG + "Exponent";
- /** Xpath expression to the DSIG X509Certificate element */
- private static final String DSIG_CERTIFICATES_XPATH =
- ROOT
- + DSIG
- + "Signature/"
- + DSIG
- + "KeyInfo/"
- + DSIG
- + "X509Data/"
- + DSIG
- + "X509Certificate";
- /** Xpath expression to the DSIG Transforms element */
- private static final String DSIG_REFERENCE_TRANSFORMATION_XPATH =
- ROOT
- + DSIG
- + "Signature/"
- + DSIG
- + "SignedInfo/"
- + DSIG
- + "Reference/"
- + DSIG
- + "Transforms";
-
- /**This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element assertionElem;
-
- /**
- * Constructor for <code>IdentityLinkAssertionParser</code>.
- * A DOM-representation of the incoming String will be created
- * @param xmlAssertion <code>&lt;saml:Assertion&gt;</code> as String
- * @throws ParseException on any parsing error
- */
- public IdentityLinkAssertionParser(String xmlAssertion) throws ParseException {
- try {
- InputStream s = new ByteArrayInputStream(xmlAssertion.getBytes("UTF-8"));
- assertionElem = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for <code>IdentityLinkAssertionParser</code>.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlAssertion <code>&lt;saml:Assertion&gt;</code> as InputStream
- * @throws ParseException on any parsing error
- */
- public IdentityLinkAssertionParser(InputStream xmlAssertion) throws Exception {
- try {
- assertionElem = DOMUtils.parseXmlValidating(xmlAssertion);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
- /**
- * Parses the identity link from the <code>&lt;saml:Assertion&gt;</code>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
- public IdentityLink parseIdentityLink() throws ParseException {
- IdentityLink identityLink;
- try {
- identityLink = new IdentityLink();
- //ÄNDERN: NUR der Identification-Teil
- identityLink.setSamlAssertion(assertionElem);
- identityLink.setPrPerson((Element)
- XPathUtils.selectSingleNode(assertionElem, PERSON_XPATH));
- identityLink.setIdentificationValue(
- XPathUtils.getElementValue(assertionElem, PERSON_IDENT_VALUE_XPATH, ""));
- identityLink.setGivenName(
- XPathUtils.getElementValue(assertionElem, PERSON_GIVEN_NAME_XPATH, ""));
- identityLink.setFamilyName(
- XPathUtils.getElementValue(assertionElem, PERSON_FAMILY_NAME_XPATH, ""));
- identityLink.setDateOfBirth(
- XPathUtils.getElementValue(assertionElem, PERSON_DATE_OF_BIRTH_XPATH, ""));
- NodeIterator dsigRefTransforms =
- XPathUtils.selectNodeIterator(assertionElem, DSIG_REFERENCE_TRANSFORMATION_XPATH);
- List transElems = new ArrayList();
- Element transformsElem;
- while ((transformsElem = (Element) dsigRefTransforms.nextNode()) != null) {
- transElems.add(transformsElem);
- }
- Element[] result = new Element[transElems.size()];
- transElems.toArray(result);
- identityLink.setDsigReferenceTransforms(result);
-
- identityLink.setPublicKey(getPublicKeys());
-
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
-
- return identityLink;
- }
-
- /**
- * Parses an array of Public Keys from the <code>&lt;InfoboxReadResponse&gt;</code>
- * @return RSAPublicKey[]
- * @throws IOException can occur when decoding the base64 values of the modulus and exponent
- */
- public PublicKey[] getPublicKeys() throws IOException{
-
-
- List pubKeys = new ArrayList();
- //Try to get RSA-Keys
- NodeIterator rsaIter =
- XPathUtils.selectNodeIterator(assertionElem, RSA_KEY_VALUE_XPATH);
- Element rsaElem;
- while ((rsaElem = (Element) rsaIter.nextNode()) != null) {
- String modulus =
- XPathUtils.getElementValue(rsaElem, RSA_KEY_MODULUS_XPATH, "");
- String exponent =
- XPathUtils.getElementValue(rsaElem, RSA_KEY_EXPONENT_XPATH, "");
-
- RSAPublicKey resPub =
- new iaik.security.rsa.RSAPublicKey(
- new BigInteger(1, Base64Utils.decode(modulus, true)),
- new BigInteger(1, Base64Utils.decode(exponent, true)));
- pubKeys.add(resPub);}
-
- PublicKey[] result = new PublicKey[pubKeys.size()];
-
- pubKeys.toArray(result);
- return result;
-
- }
- /**
- * Parses a string array of decoded base64 certificates from
- * the <code>&lt;InfoboxReadResponse&gt;</code> found in the dsig-signature
- * @return String[] with raw-certificates from the dsig-signature keyinfo
- * @throws Exception
- */
- public String[] getCertificates() throws Exception {
- List certs = new ArrayList();
- NodeIterator rsaIter =
- XPathUtils.selectNodeIterator(assertionElem, DSIG_CERTIFICATES_XPATH);
- Element certElem;
- while ((certElem = (Element) rsaIter.nextNode()) != null) {
- String content = DOMUtils.getText(certElem);
- certs.add(new String(Base64Utils.decode(content, true)));
- }
- String[] result = new String[certs.size()];
- certs.toArray(result);
- return result;
-
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
deleted file mode 100644
index c1146218e..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
+++ /dev/null
@@ -1,110 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an <code>&lt;InfoboxReadResponse&gt;</code>.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class InfoboxReadResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SL10 = Constants.SL10_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SL10 + "InfoboxReadResponse/";
- /** Xpath expression to the SAML:Assertion element */
- private static final String SAML_ASSERTION_XPATH = ROOT + SL10 + "BinaryFileData/" + SL10 + "XMLContent/" + SAML + "Assertion";
-
- /** This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element infoBoxElem;
-
- /**
- * Constructor for InfoboxReadResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as String
- * @throws ParseException on any parsing error
- */
- public InfoboxReadResponseParser(String xmlResponse) throws ParseException, AuthenticationException {
-
- ErrorResponseParser erp = new ErrorResponseParser(xmlResponse);
- if (erp.getErrorCode() != null) {
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- try {
-
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- infoBoxElem = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for InfoboxReadResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
- * @throws ParseException on any parsing error
- */
- public InfoboxReadResponseParser(InputStream is) throws ParseException, AuthenticationException {
-
- ErrorResponseParser erp = new ErrorResponseParser(is);
- if (erp.getErrorCode() != null) {
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- try {
-
- infoBoxElem = DOMUtils.parseXmlValidating(is);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Parses the embedded <code>&lt;saml:Assertion&gt;</code> element from <code>&lt;InfoboxReadResponse&gt;</code>
- * @return <code>&lt;saml:Assertion&gt;</code> as String
- * @throws ParseException on any parsing error
- */
- public String parseSAMLAssertion() throws ParseException {
- try {
- Element samlAssertion = (Element) XPathUtils.selectSingleNode(infoBoxElem, SAML_ASSERTION_XPATH);
- return DOMUtils.serializeNode(samlAssertion);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Parses the identity link from the <code>&lt;saml:Assertion&gt;</code>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
- public IdentityLink parseIdentityLink() throws ParseException {
- String samlAssertionString = parseSAMLAssertion();
- IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertionString);
- return ilParser.parseIdentityLink();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java
deleted file mode 100644
index 7c4c01abe..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java
+++ /dev/null
@@ -1,58 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.IOException;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Parser for a SAML artifact.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLArtifactParser {
- /** byte array containing the SamlArtifact bytes */
- private byte[] samlArtifactBytes;
-
- /**
- * Constructor
- * @param samlArtifact as String
- * @throws ParseException on any parsing error
- */
- public SAMLArtifactParser(String samlArtifact) throws ParseException {
- try {
- samlArtifactBytes = Base64Utils.decode(samlArtifact, false);
- }
- catch (IOException ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
- /**
- * Parses the type code.
- * @return type code
- * @throws ParseException when SAML artifact is invalid
- */
- public byte[] parseTypeCode() throws ParseException {
- try {
- byte[] typeCode = new byte[] {samlArtifactBytes[0], samlArtifactBytes[1]};
- return typeCode;
- }
- catch (Throwable ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
- /**
- * Parses the assertion handle.
- * @return assertion handle
- * @throws ParseException when SAML artifact is invalid
- */
- public String parseAssertionHandle() throws ParseException {
- try {
- return new String(samlArtifactBytes, 22, 20);
- }
- catch (Throwable ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
deleted file mode 100644
index c74dc64e8..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
+++ /dev/null
@@ -1,159 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import iaik.utils.Base64InputStream;
-import iaik.x509.X509Certificate;
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses a <code>&lt;VerifyXMLSignatureResponse&gt;</code> returned by
- * MOA-SPSS.
- * This class implements the Singleton pattern
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-
-public class VerifyXMLSignatureResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching MOA Namespaces */
- private static final String MOA = Constants.MOA_PREFIX + ":";
- /** Xpath prefix for reaching DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath prefix for reaching SecurityLayer 1.1 Namespaces */
- private static final String SL11 = Constants.SL11_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/";
-
- /** Xpath expression to the X509SubjectName element */
- private static final String DSIG_SUBJECT_NAME_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- DSIG + "X509SubjectName";
- /** Xpath expression to the X509Certificate element */
- private static final String DSIG_X509_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- DSIG + "X509Certificate";
- /** Xpath expression to the PublicAuthority element */
- private static final String PUBLIC_AUTHORITY_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- MOA + "PublicAuthority";
- /** Xpath expression to the PublicAuthorityCode element */
- private static final String PUBLIC_AUTHORITY_CODE_XPATH =
- PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code";
- /** Xpath expression to the QualifiedCertificate element */
- private static final String QUALIFIED_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- SL11 + "QualifiedCertificate";
-
- /** Xpath expression to the SignatureCheckCode element */
- private static final String SIGNATURE_CHECK_CODE_XPATH =
- ROOT + MOA + "SignatureCheck/" + MOA + "Code";
- /** Xpath expression to the XMLDSIGManifestCheckCode element */
- private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH =
- ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code";
- /** Xpath expression to the CertificateCheckCode element */
- private static final String CERTIFICATE_CHECK_CODE_XPATH =
- ROOT + MOA + "CertificateCheck/" + MOA + "Code";
-
-
- /** This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element verifyXMLSignatureResponse;
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as String
- * @throws ParseException on any parsing error
- */
- public VerifyXMLSignatureResponseParser(String xmlResponse) throws ParseException{
- try {
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
-
- verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", null, t);
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
- * @throws Exception on any parsing error
- */
- public VerifyXMLSignatureResponseParser(InputStream xmlResponse) throws Exception
- {
- try {
- verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", null, t);
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * The incoming Element will be used for further operations
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as Element
- */
- public VerifyXMLSignatureResponseParser(Element xmlResponse)
- {
- verifyXMLSignatureResponse =xmlResponse;
-
- }
-
- /**
- * Parse identity link from <code>&lt;InfoboxReadResponse&gt;</code>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
- public VerifyXMLSignatureResponse parseData() throws ParseException {
- VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse();
-
- try {
-
- respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,""));
- Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH);
- respData.setQualifiedCertificate(e!=null);
-
- Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(XPathUtils.getElementValue(
- verifyXMLSignatureResponse,DSIG_X509_CERTIFICATE_XPATH,"").getBytes("UTF-8")),true);
-
- respData.setX509certificate(new X509Certificate(in));
-
- Element publicAuthority = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH);
- respData.setPublicAuthority(publicAuthority != null);
- respData.setPublicAuthorityCode(XPathUtils.getElementValue(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH,""));
- respData.setSignatureCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_CHECK_CODE_XPATH,"")).intValue());
-
- String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,XMLDSIG_MANIFEST_CHECK_CODE_XPATH,null);
- if (xmlDsigCheckCode!=null)
- {
- respData.setXmlDSIGManigest(true);
- respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue());
- }
- else
- respData.setXmlDSIGManigest(false);
- respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", null, t);
- }
- return respData;
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
deleted file mode 100644
index 6ff52bc4a..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
+++ /dev/null
@@ -1,156 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.URLDecoder;
-
-/**
- * Base class for MOA-ID Auth Servlets, providing standard error handling
- * and constant names.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
-
-
- /**
- * Handles an error. <br>
- * <ul>
- * <li>Logs the error</li>
- * <li>Places error message and exception thrown into the request
- * as request attributes (to be used by <code>"/errorpage.jsp"</code>)</li>
- * <li>Sets HTTP status 500 (internal server error)</li>
- * </ul>
- *
- * @param errorMessage error message
- * @param exceptionThrown exception thrown
- * @param req servlet request
- * @param resp servlet response
- */
- protected void handleError(
- String errorMessage, Throwable exceptionThrown, HttpServletRequest req, HttpServletResponse resp) {
-
-
- if(null != errorMessage) {
- Logger.error(errorMessage);
- req.setAttribute("ErrorMessage", errorMessage );
- }
-
- if (null != exceptionThrown) {
- if(null == errorMessage) errorMessage = exceptionThrown.getMessage();
- Logger.error(errorMessage, exceptionThrown);
- req.setAttribute("ExceptionThrown", exceptionThrown);
- }
-
- //forward this to errorpage.jsp wher the HTML error page is generated
- ServletContext context = getServletContext();
- RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage.jsp");
- try {
- dispatcher.forward(req, resp);
- } catch (ServletException e) {
- Logger.error(e);
- } catch (IOException e) {
- Logger.error(e);
- }
-
- }
- /**
- * Handles a <code>WrongParametersException</code>.
- * @param req servlet request
- * @param resp servlet response
- */
- protected void handleWrongParameters(WrongParametersException ex, HttpServletRequest req, HttpServletResponse resp) {
- Logger.error(ex.toString());
- req.setAttribute("WrongParameters", ex.getMessage());
-
- // forward this to errorpage.jsp where the HTML error page is generated
- ServletContext context = getServletContext();
- RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage.jsp");
- try {
- dispatcher.forward(req, resp);
- } catch (ServletException e) {
- Logger.error(e);
- } catch (IOException e) {
- Logger.error(e);
- }
- }
-
- /**
- * Logs all servlet parameters for debugging purposes.
- */
- protected void logParameters(HttpServletRequest req) {
- for (Enumeration enum = req.getParameterNames(); enum.hasMoreElements(); ) {
- String parname = (String)enum.nextElement();
- Logger.debug("Parameter " + parname + req.getParameter(parname));
- }
- }
- /**
- * Parses the request input stream for parameters,
- * assuming parameters are encoded UTF-8.
- * @param req servlet request
- * @return mapping parameter name -> value
- */
- protected Map getParameters(HttpServletRequest req) throws IOException {
- Map parameters = new HashMap();
- InputStream in = req.getInputStream();
- String paramName;
- String paramValueURLEncoded;
- do {
- paramName = new String(readBytesUpTo(in, '='));
- if (paramName.length() > 0) {
- paramValueURLEncoded = readBytesUpTo(in, '&');
- String paramValue = URLDecoder.decode(paramValueURLEncoded, "UTF-8");
- parameters.put(paramName, paramValue);
- }
- }
- while (paramName.length() > 0);
- in.close();
-
- return parameters;
- }
- /**
- * Reads bytes up to a delimiter, consuming the delimiter.
- * @param in input stream
- * @param delimiter delimiter character
- * @return String constructed from the read bytes
- * @throws IOException
- */
- protected String readBytesUpTo(InputStream in, char delimiter) throws IOException {
- ByteArrayOutputStream bout = new ByteArrayOutputStream();
- boolean done = false;
- int b;
- while (! done && (b = in.read()) >= 0) {
- if (b == delimiter)
- done = true;
- else
- bout.write(b);
- }
- return bout.toString();
- }
-
- /**
- * Calls the web application initializer.
- *
- * @see javax.servlet.Servlet#init(ServletConfig)
- */
- public void init(ServletConfig servletConfig) throws ServletException {
- super.init(servletConfig);
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java
deleted file mode 100644
index 1dc1897b2..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java
+++ /dev/null
@@ -1,80 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.text.DateFormat;
-import java.util.Date;
-import java.util.Locale;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for updating the MOA-ID Auth configuration from configuration file
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ConfigurationServlet extends HttpServlet {
- /** Constant for the DTD-Doc type */
- private static final String DOC_TYPE =
- "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n";
-
- /**
- * Handle a HTTP GET request, used to indicated that the MOA
- * configuration needs to be updated (reloaded).
- *
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
-
- MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance();
- PrintWriter out;
-
- response.setContentType("text/html");
- out = response.getWriter();
- out.println(DOC_TYPE);
- out.println("<head><title>MOA configuration update</title></head>");
- out.println("<body bgcolor=\"#FFFFFF\">");
- try {
- MOAIDAuthInitializer.initialized=false;
- MOAIDAuthInitializer.initialize();
- String message = msg.getMessage("config.00", new Object[]
- { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} );
-
- Logger.info(message);
- //TODO low-priority: change to ErrorPage
- out.println("<p><b>");
- out.println(message);
- out.println("</b></p>");
- } catch (Throwable t) {
- String errorMessage = msg.getMessage("config.04", null);
- Logger.error(errorMessage, t);
- out.println("<p><b>");
- out.println(errorMessage);
- out.println("</b></p>");
- }
- out.println("</body>");
-
- out.flush();
- out.close();
- }
-
- /**
- * Do the same as <code>doGet</code>.
- *
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
- */
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- doGet(request, response);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java
deleted file mode 100644
index c41b514c8..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java
+++ /dev/null
@@ -1,135 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.util.Calendar;
-
-import org.apache.axis.AxisFault;
-import org.w3c.dom.Element;
-
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Web service for picking up authentication data created in the MOA-ID Auth component.
- *
- * @author Paul Ivancsics
- * @version $Id$
- * @see at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData
- */
-public class GetAuthenticationDataService implements Constants {
-
- /**
- * Constructor for GetAuthenticationDataService.
- */
- public GetAuthenticationDataService() {
- super();
- }
-
- /**
- * Takes a <code>lt;samlp:Request&gt;</code> containing a
- * <code>SAML artifact</code> and returns the corresponding
- * authentication data <code>lt;saml:Assertion&gt;</code>
- * (obtained from the <code>AuthenticationServer</code>),
- * enclosed in a <code>lt;samlp:Response&gt;</code>.
- * <br/>Bad requests are mapped into various <code>lt;samlp:StatusCode&gt;</code>s,
- * possibly containing enclosed sub-<code>lt;samlp:StatusCode&gt;</code>s.
- * The status codes are defined in the SAML specification.
- *
- * @param requests request elements of type <code>lt;samlp:Request&gt;</code>;
- * only 1 request element is allowed
- * @return response element of type <code>lt;samlp:Response&gt;</code>,
- * packed into an <code>Element[]</code>
- * @throws AxisFault thrown when an error occurs in assembling the
- * <code>lt;samlp:Response&gt;</code>
- */
- public Element[] Request(Element[] requests)
- throws AxisFault {
-
- Element request = requests[0];
- Element[] responses = new Element[1];
- String requestID = "";
- String statusCode = "";
- String subStatusCode = null;
- String statusMessageCode = null;
- String statusMessage = null;
- String samlAssertion = "";
- if (requests.length > 1) {
- // more than 1 request given as parameter
- statusCode = "samlp:Requester";
- subStatusCode = "samlp:TooManyResponses";
- statusMessageCode = "1201";
- }
- else {
- try {
- DOMUtils.validateElement(request, ALL_SCHEMA_LOCATIONS, null);
- NodeList samlArtifactList = XPathUtils.selectNodeList(request, "samlp:AssertionArtifact");
- if (samlArtifactList.getLength() == 0) {
- // no SAML artifact given in request
- statusCode = "samlp:Requester";
- statusMessageCode = "1202";
- }
- else if (samlArtifactList.getLength() > 1) {
- // too many SAML artifacts given in request
- statusCode = "samlp:Requester";
- subStatusCode = "samlp:TooManyResponses";
- statusMessageCode = "1203";
- }
- else {
- Element samlArtifactElem = (Element)samlArtifactList.item(0);
- requestID = samlArtifactElem.getAttribute("RequestID");
- String samlArtifact = DOMUtils.getText(samlArtifactElem);
- try {
- AuthenticationData authData = AuthenticationServer.getInstance().
- getAuthenticationData(samlArtifact);
- // success
- samlAssertion = authData.getSamlAssertion();
- statusCode = "samlp:Success";
- statusMessageCode = "1200";
- }
- catch (AuthenticationException ex) {
- // no authentication data for given SAML artifact
- statusCode = "samlp:Requester";
- subStatusCode = "samlp:ResourceNotRecognized";
- statusMessage = ex.toString();
- }
- }
- }
- catch (Throwable t) {
- // invalid request format
- statusCode = "samlp:Requester";
- statusMessageCode = "1204";
- }
- }
- try {
- String responseID = Random.nextRandom();
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance());
- if (statusMessage == null)
- statusMessage = MOAIDMessageProvider.getInstance().getMessage(statusMessageCode, null);
- responses[0] = new SAMLResponseBuilder().build(
- responseID, requestID, issueInstant, statusCode, subStatusCode, statusMessage, samlAssertion);
- }
- catch (MOAIDException e) {
- AxisFault fault = AxisFault.makeFault(e);
- fault.setFaultDetail(new Element[] { e.toErrorResponse()});
- throw fault;
- }
- catch (Throwable t) {
- MOAIDException e = new MOAIDException("1299", null, t);
- AxisFault fault = AxisFault.makeFault(e);
- fault.setFaultDetail(new Element[] { e.toErrorResponse()});
- throw fault;
- }
- return responses;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
deleted file mode 100644
index 422ddf0a3..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
+++ /dev/null
@@ -1,96 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for selecting a BKU.
- * <br>In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLComplete,
- * the browser is redirected to the configured "BKU-Auswahl-URL".
- * <br>In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLSelect,
- * the list of available BKU's is fetched from a BKU-Auswahl server, and presented
- * to the user in an HTML form.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SelectBKUServlet extends AuthServlet {
-
- /**
- * Calls the web application initializer.
- *
- * @see javax.servlet.Servlet#init(ServletConfig)
- */
- public void init(ServletConfig servletConfig) throws ServletException {
- try {
- super.init(servletConfig);
- MOAIDAuthInitializer.initialize();
- Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null));
- }
- catch (Exception ex) {
- Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex);
- throw new ServletException(ex);
- }
- }
-
- /**
- * Responds with an HTML form which requests the user to choose a BKU.
- */
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- Logger.debug("GET SelectBKU");
- String authURL =
- req.getScheme() + "://" +
- req.getServerName() + ":" +
- req.getServerPort() +
- req.getContextPath() + "/";
- String target = req.getParameter(PARAM_TARGET);
- String oaURL = req.getParameter(PARAM_OA);
- String bkuSelectionTemplateURL = req.getParameter(PARAM_BKUTEMPLATE);
- String templateURL = req.getParameter(PARAM_TEMPLATE);
- resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES);
- resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA);
- resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE);
-
- try {
- String returnValue = AuthenticationServer.getInstance().selectBKU(
- authURL, target, oaURL, bkuSelectionTemplateURL, templateURL);
- String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType();
- if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) {
- // bkuSelectionType==HTMLComplete
- String redirectURL = returnValue;
- resp.sendRedirect(redirectURL);
- Logger.info("REDIRECT TO: " + redirectURL);
- }
- else {
- // bkuSelectionType==HTMLSelect
- String htmlForm = returnValue;
- resp.setContentType("text/html");
- PrintWriter out = new PrintWriter(resp.getOutputStream());
- out.print(htmlForm);
- out.flush();
- Logger.debug("Finished GET SelectBKU");
- }
- }
- catch (WrongParametersException ex) {
- handleWrongParameters(ex, req, resp);
- }
- catch (Throwable ex) {
- handleError(null, ex, req, resp);
- }
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
deleted file mode 100644
index 6308742bf..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
+++ /dev/null
@@ -1,103 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for starting a MOA ID authentication session.
- * Utilizes the {@link AuthenticationServer}.
- *
- * @author Paul Ivancsics
- * @version $Id$
- * @see AuthenticationServer#startAuthentication
- */
-public class StartAuthenticationServlet extends AuthServlet {
-
- /**
- * Responds with an HTML form which upon submit requests the identity link
- * from the security layer implementation.
- * <br>
- * Response:
- * <ul>
- * <li>Content type: <code>"text/html"</code></li>
- * <li>Content: see return value of {@link AuthenticationServer#startAuthentication}</li>
- * <li>Error status: <code>500</code>
- * </ul>
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- Logger.debug("GET StartAuthentication");
- String authURL =
- req.getScheme() + "://" +
- req.getServerName() + ":" +
- req.getServerPort() +
- req.getContextPath() + "/";
- String target = req.getParameter(PARAM_TARGET);
- String oaURL = req.getParameter(PARAM_OA);
- String bkuURL = req.getParameter(PARAM_BKU);
- String templateURL = req.getParameter(PARAM_TEMPLATE);
- String sessionID = req.getParameter(PARAM_SESSIONID);
- resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES);
- resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA);
- resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE);
- try {
- String getIdentityLinkForm =
- AuthenticationServer.getInstance().startAuthentication(authURL, target, oaURL, templateURL, bkuURL, sessionID);
- resp.setContentType("text/html");
- PrintWriter out = new PrintWriter(resp.getOutputStream());
- out.print(getIdentityLinkForm);
- out.flush();
- Logger.debug("Finished GET StartAuthentication");
- }
- catch (WrongParametersException ex) {
- handleWrongParameters(ex, req, resp);
- }
- catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
- }
- }
-
-
- /**
- * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- doGet(req, resp);
- }
-
-
- /**
- * Calls the web application initializer.
- *
- * @see javax.servlet.Servlet#init(ServletConfig)
- */
- public void init(ServletConfig servletConfig) throws ServletException {
- try {
- super.init(servletConfig);
- MOAIDAuthInitializer.initialize();
- Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null));
- }
- catch (Exception ex) {
- Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex);
- throw new ServletException(ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
deleted file mode 100644
index eda0c6726..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ /dev/null
@@ -1,109 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.net.URLEncoder;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for verifying the signed authentication block
- * provided by the security layer implementation.
- * Utilizes the {@link AuthenticationServer}.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class VerifyAuthenticationBlockServlet extends AuthServlet {
-
-
- /**
- * Constructor for VerifyAuthenticationBlockServlet.
- */
- public VerifyAuthenticationBlockServlet() {
- super();
- }
-
- /**
- * GET requested by security layer implementation to verify
- * that data URL resource is available.
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- Logger.debug("GET VerifyAuthenticationBlock");
- }
-
- /**
- * Verifies the signed authentication block and redirects the browser
- * to the online application requested, adding a parameter needed for
- * retrieving the authentication data.
- * <br>
- * Request parameters:
- * <ul>
- * <li>MOASessionID: ID of associated authentication session</li>
- * <li>XMLResponse: <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
- * </ul>
- * Response:
- * <ul>
- * <li>Status: <code>302</code></li>
- * <li>Header <code>"Location"</code>: URL of the online application requested, with
- * parameters <code>"Target"</code> and <code>"SAMLArtifact"</code> added</li>
- * <li>Error status: <code>500</code>
- * </ul>
- * @see AuthenticationServer#verifyAuthenticationBlock
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
- */
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- Logger.debug("POST VerifyAuthenticationBlock");
- Map parameters = getParameters(req);
- String sessionID = req.getParameter(PARAM_SESSIONID);
- String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
-
- // debug XMLSignatureResponse from BKU
- if(null != createXMLSignatureResponse)
- AuthenticationServer.debugOutputXMLFile("CreateXMLSignatureResponse.xml", createXMLSignatureResponse);
- try {
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
- String samlArtifactBase64 =
- AuthenticationServer.getInstance().verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- String redirectURL = session.getOAURLRequested();
- redirectURL = addURLParameter(redirectURL, PARAM_TARGET, session.getTarget());
- redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64));
- redirectURL = resp.encodeRedirectURL(redirectURL);
- resp.setStatus(302);
- resp.addHeader("Location", redirectURL);
- Logger.debug("REDIRECT TO: " + redirectURL);
- }
-
- catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
- }
-
- }
- /**
- * Adds a parameter to a URL.
- * @param url the URL
- * @param paramname parameter name
- * @param paramvalue parameter value
- * @return the URL with parameter added
- */
- private static String addURLParameter(String url, String paramname, String paramvalue) {
- String param = paramname + "=" + paramvalue;
- if (url.indexOf("?") < 0)
- return url + "?" + param;
- else
- return url + "&" + param;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
deleted file mode 100644
index 55bce7af3..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ /dev/null
@@ -1,95 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for verifying the identity link
- * provided by the security layer implementation.
- * Utilizes the {@link AuthenticationServer}.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class VerifyIdentityLinkServlet extends AuthServlet {
-
- /**
- * Constructor for VerifyIdentityLinkServlet.
- */
- public VerifyIdentityLinkServlet() {
- super();
- }
-
- /**
- * GET requested by security layer implementation to verify
- * that data URL resource is available.
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- Logger.debug("GET VerifyIdentityLink");
- }
-
- /**
- * Verifies the identity link and responds with a new
- * <code>CreateXMLSignatureRequest</code>.
- * <br>
- * Request parameters:
- * <ul>
- * <li>MOASessionID: ID of associated authentication session</li>
- * <li>XMLResponse: <code>&lt;InfoboxReadResponse&gt;</code></li>
- * </ul>
- * Response:
- * <ul>
- * <li>Content type: <code>"text/xml"</code></li>
- * <li>Content: see return value of {@link AuthenticationServer#verifyIdentityLink}</li>
- * <li>Error status: <code>500</code>
- * </ul>
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
- */
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- Logger.debug("POST VerifyIdentityLink");
- Map parameters = getParameters(req);
- String sessionID = req.getParameter(PARAM_SESSIONID);
- String infoboxReadResponse = (String)parameters.get(PARAM_XMLRESPONSE);
- // debug output
- if(null != infoboxReadResponse)
- AuthenticationServer.debugOutputXMLFile("InfoboxReadResponse.xml", infoboxReadResponse);
- try {
- String createXMLSignatureRequest =
- AuthenticationServer.getInstance().verifyIdentityLink(sessionID, infoboxReadResponse);
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
- resp.setStatus(307);
- String dataURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID);
- resp.addHeader("Location", dataURL);
- resp.setContentType("text/xml");
- // debug output
- if(null != createXMLSignatureRequest)
- AuthenticationServer.debugOutputXMLFile("CreateXMLSignatureRequest.xml", createXMLSignatureRequest);
- OutputStream out = resp.getOutputStream();
- out.write(createXMLSignatureRequest.getBytes("UTF-8"));
- out.flush();
- out.close();
- Logger.debug("Finished POST VerifyIdentityLink");
- }
- catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
deleted file mode 100644
index e596e79a4..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ /dev/null
@@ -1,106 +0,0 @@
-package at.gv.egovernment.moa.id.auth.validator;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.SAMLAttribute;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- *
- * This class is used to validate an {@link CreateXMLSignatureResponse}
- * returned by the security layer.
- * This class implements the Singleton pattern.
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class CreateXMLSignatureResponseValidator {
-
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath expression to the SAML:Assertion element */
- private static final String ROOT = SAML + "Assertion";
- /** Xpath expression to the SAML:NameIdentifier element */
- private static final String SAML_SUBJECT_NAME_IDENTIFIER_XPATH =
- SAML + "AttributeStatement/" + SAML + "Subject/" +
- SAML + "NameIdentifier";
- /** Xpath expression to the SAML:Attribute element */
- private static final String SAML_ATTRIBUTE_XPATH =
- ROOT + "/" + SAML + "AttributeStatement/" + SAML + "Attribute";
- /** Xpath expression to the SAML:AttributeValue element */
- private static final String SAML_ATTRIBUTE_VALUE_XPATH =
- SAML + "AttributeValue";
-
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static CreateXMLSignatureResponseValidator instance;
-
- /**
- * Constructor for a singleton CreateXMLSignatureResponseValidator.
- * @return an instance of CreateXMLSignatureResponseValidator
- * @throws ValidateException if no instance can be created
- */
- public static synchronized CreateXMLSignatureResponseValidator getInstance()
- throws ValidateException {
- if (instance == null) {
- instance = new CreateXMLSignatureResponseValidator();
- }
- return instance;
- }
-
-
- /**
- * The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse}
- * @param createXMLSignatureResponse
- * @param gbTarget
- * @param oaURL
- * @throws ValidateException
- */
- public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, String gbTarget, String oaURL)
- throws ValidateException {
-
- // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
-
- XPathUtils.selectNodeList(createXMLSignatureResponse.getSamlAssertion(),SAML_SUBJECT_NAME_IDENTIFIER_XPATH);
-
- SAMLAttribute[] samlattributes = createXMLSignatureResponse.getSamlAttributes();
- boolean foundOA = false;
- boolean foundGB = false;
- for (int i = 0; i < samlattributes.length; i++)
- {
- if (samlattributes[i].getName().equals("Geschäftsbereich"))
- if (samlattributes[i].getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#"))
-
- {
- foundGB = true;
- if (!gbTarget.equals(samlattributes[i].getValue()))
- {
- throw new ValidateException("validator.13", null);
- }
- }
- else throw new ValidateException("validator.12", null);
- if (samlattributes[i].getName().equals("OA"))
- if (samlattributes[i].getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#"))
- {
- foundOA = true;
- if (!oaURL.equals(samlattributes[i].getValue())) // CHECKS für die AttributeVALUES fehlen noch
- {
- throw new ValidateException("validator.16", new Object[] {":gefunden wurde '" + oaURL + "', erwartet wurde '" + samlattributes[i].getValue()});
- }
-
- }
- else throw new ValidateException("validator.15", null);
- }
- if (!foundOA) throw new ValidateException("validator.14", null);
- if (!foundGB) throw new ValidateException("validator.11", null);
-
- //Check if dsig:Signature exists
- Element dsigSignature = (Element) XPathUtils.selectSingleNode(createXMLSignatureResponse.getSamlAssertion(),DSIG + "Signature");
- if (dsigSignature==null) throw new ValidateException("validator.05", null);
-
-
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java
deleted file mode 100644
index 42e3e946f..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java
+++ /dev/null
@@ -1,156 +0,0 @@
-package at.gv.egovernment.moa.id.auth.validator;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- *
- * This class is used to validate an {@link IdentityLink}
- * returned by the security layer
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class IdentityLinkValidator implements Constants {
-
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching PersonData Namespaces */
- private static final String PDATA = PD_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = DSIG_PREFIX + ":";
- /** Xpath prefix for reaching ECDSA Namespaces */
- private static final String ECDSA = ECDSA_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SAML + "Assertion/";
- /** Xpath expression to the SAML:SubjectConfirmationData element */
- private static final String SAML_SUBJECT_CONFIRMATION_DATA_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Subject/"
- + SAML
- + "SubjectConfirmation/"
- + SAML
- + "SubjectConfirmationData";
-/** Xpath expression to the PersonData:Person element */
- private static final String PERSON_XPATH =
- SAML_SUBJECT_CONFIRMATION_DATA_XPATH + "/" + PDATA + "Person";
- /** Xpath expression to the SAML:Attribute element */
- private static final String ATTRIBUTE_XPATH =
- ROOT + SAML + "AttributeStatement/" + SAML + "Attribute";
- /** Xpath expression to the SAML:AttributeName attribute */
- private static final String ATTRIBUTE_NAME_XPATH =
- ROOT + SAML + "AttributeStatement/" + SAML + "Attribute/@AttributeName";
- /** Xpath expression to the SAML:AttributeNamespace attribute */
- private static final String ATTRIBUTE_NAMESPACE_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Attribute/@AttributeNamespace";
- /** Xpath expression to the SAML:AttributeValue element */
- private static final String ATTRIBUTE_VALUE_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Attribute/"
- + SAML
- + "AttributeValue";
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static IdentityLinkValidator instance;
-
- /**
- * Constructor for a singleton IdentityLinkValidator.
- * @return a new IdentityLinkValidator instance
- * @throws ValidateException if no instance can be created
- */
- public static synchronized IdentityLinkValidator getInstance()
- throws ValidateException {
- if (instance == null) {
- instance = new IdentityLinkValidator();
- }
- return instance;
- }
-
- /**
- * Method validate. Validates the {@link IdentityLink}
- * @param identityLink The identityLink to validate
- * @throws ValidateException on any validation error
- */
- public void validate(IdentityLink identityLink) throws ValidateException {
-
- //Search the SAML:ASSERTION Object (A2.054)
- if (identityLink.getSamlAssertion() == null)
- throw new ValidateException("validator.00", null);
-
- // Check how many saml:Assertion/saml:AttributeStatement/
- // saml:Subject/ saml:SubjectConfirmation/
- // saml:SubjectConfirmationData/pr:Person of type
- // PhysicalPersonType exist (A2.056)
- NodeList nl =
- XPathUtils.selectNodeList(identityLink.getSamlAssertion(), PERSON_XPATH);
- // If we have just one Person-Element we don't need to check the attributes
- int counterPhysicalPersonType = 0;
- if (nl.getLength() > 1)
- for (int i = 0; i < nl.getLength(); i++) {
- String xsiType =
- ((Element) nl.item(i))
- .getAttributeNodeNS(
- "http://www.w3.org/2001/XMLSchema-instance",
- "type")
- .getNodeValue();
- // We have to check if xsiType contains "PhysicalPersonType"
- // An equal-check will fail because of the Namespace-prefix of the attribute value
- if (xsiType.indexOf("PhysicalPersonType") > -1)
- counterPhysicalPersonType++;
- }
- if (counterPhysicalPersonType > 1)
- throw new ValidateException("validator.01", null);
-
- //Check the SAML:ATTRIBUTES
- nl = XPathUtils.selectNodeList(identityLink.getSamlAssertion(), ATTRIBUTE_XPATH);
- for (int i = 0; i < nl.getLength(); i++) {
- String attributeName =
- XPathUtils.getAttributeValue(
- (Element) nl.item(i),
- "@AttributeName",
- null);
- String attributeNS =
- XPathUtils.getAttributeValue(
- (Element) nl.item(i),
- "@AttributeNamespace",
- null);
- if (attributeName.equals("CitizenPublicKey")) {
- if (attributeNS.equals("http://www.buergerkarte.at/namespaces/personenbindung/20020506#")) {
- Element attributeValue =
- (Element) XPathUtils.selectSingleNode((Element) nl.item(i),SAML + "AttributeValue/" + DSIG + "RSAKeyValue");
- if (attributeValue==null)
- attributeValue =
- (Element) XPathUtils.selectSingleNode((Element)nl.item(i), SAML + "AttributeValue/" + ECDSA + "ECDSAKeyValue");
- if (attributeValue == null)
- throw new ValidateException("validator.02", null);
- }
- else
- throw new ValidateException("validator.03", null);
- }
- else
- throw new ValidateException("validator.04", null);
- }
-
- //Check if dsig:Signature exists
- Element dsigSignature = (Element) XPathUtils.selectSingleNode(identityLink.getSamlAssertion(),ROOT + DSIG + "Signature");
- if (dsigSignature==null) throw new ValidateException("validator.05", null);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/ValidateException.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/ValidateException.java
deleted file mode 100644
index a6685fca8..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/ValidateException.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package at.gv.egovernment.moa.id.auth.validator;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception thrown while validating an incoming XML structure
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ValidateException extends MOAIDException {
-
- /**
- * Constructor for ValidateException.
- * @param messageId
- * @param parameters
- */
- public ValidateException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for ValidateException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public ValidateException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
deleted file mode 100644
index 8de475f95..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ /dev/null
@@ -1,125 +0,0 @@
-package at.gv.egovernment.moa.id.auth.validator;
-
-import java.security.PublicKey;
-import java.security.interfaces.RSAPublicKey;
-
-import iaik.asn1.structures.Name;
-import iaik.utils.RFC2253NameParserException;
-import iaik.x509.X509Certificate;
-
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-
-/**
- * This class is used to validate an {@link VerifyXMLSignatureResponse}
- * returned by MOA-SPSS
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class VerifyXMLSignatureResponseValidator {
-
- /** Identification string for checking identity link */
- public static final String CHECK_IDENTITY_LINK = "IdentityLink";
- /** Identification string for checking authentication block */
- public static final String CHECK_AUTH_BLOCK = "AuthBlock";
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static VerifyXMLSignatureResponseValidator instance;
-
- /**
- * Constructor for a singleton VerifyXMLSignatureResponseValidator.
- */
- public static synchronized VerifyXMLSignatureResponseValidator getInstance()
- throws ValidateException {
- if (instance == null) {
- instance = new VerifyXMLSignatureResponseValidator();
- }
- return instance;
- }
-
- /**
- * Validates a {@link VerifyXMLSignatureResponse} returned by MOA-SPSS.
- *
- * @param verifyXMLSignatureResponse the <code>&lt;VerifyXMLSignatureResponse&gt;</code>
- * @param identityLinkSignersSubjectDNNames subject names configured
- * @param whatToCheck is used to identify whether the identityLink or the Auth-Block is validated
- * @throws ValidateException on any validation error
- */
- public void validate(
- VerifyXMLSignatureResponse verifyXMLSignatureResponse,
- String[] identityLinkSignersSubjectDNNames, String whatToCheck)
- throws ValidateException {
-
- if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
- throw new ValidateException("validator.06", null);
- //TODO enhance error messages (reason why check failed)
- if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0)
- if (whatToCheck.equals(CHECK_IDENTITY_LINK))
- throw new ValidateException("validator.07", null);
- else
- throw new ValidateException("validator.19", null);
- if (verifyXMLSignatureResponse.isXmlDSIGManigest())
- if (verifyXMLSignatureResponse.getXmlDSIGManifestCheckCode() != 0)
- throw new ValidateException("validator.08", null);
- //Check whether the returned X509 SubjectName is in the MOA-ID configuration or not
- if (identityLinkSignersSubjectDNNames != null) {
- String subjectDN = "";
- X509Certificate x509Cert = verifyXMLSignatureResponse.getX509certificate();
- try {
- subjectDN = ((Name) x509Cert.getSubjectDN()).getRFC2253String();
- }
- catch (RFC2253NameParserException e) {
- throw new ValidateException("validator.17", null);
- }
- boolean found = false;
- for (int i = 0; i < identityLinkSignersSubjectDNNames.length; i++) {
- if (identityLinkSignersSubjectDNNames[i].equals(subjectDN))
- found = true;
- }
- if (!found)
- throw new ValidateException(
- "validator.18",
- new Object[] { subjectDN });
- }
- }
-
- /**
- * Method validateCertificate.
- * @param vsr is the VerifyXMLSignatureResponse
- * @param idl
- * @throws ValidateException
- */
- public void validateCertificate(
- VerifyXMLSignatureResponse verifyXMLSignatureResponse,
- IdentityLink idl)
- throws ValidateException {
-
- X509Certificate x509Response = verifyXMLSignatureResponse.getX509certificate();
- PublicKey[] pubKeysIdentityLink = (PublicKey[]) idl.getPublicKey();
-
- RSAPublicKey pubKeyResponse = (RSAPublicKey) x509Response.getPublicKey();
-
- boolean found = false;
- for (int i = 0; i < pubKeysIdentityLink.length; i++) {
- if (idl.getPublicKey()[i]
- instanceof java.security.interfaces.RSAPublicKey) {
- /* for (int j = 0;
- j < idl.getPublicKey()[i].getClass().getInterfaces().length;
- j++) {
- if (idl.getPublicKey()[i].getClass().getInterfaces()[j].getName()
- .equals("java.security.interfaces.RSAPublicKey")) {*/
- RSAPublicKey rsakey = (RSAPublicKey) pubKeysIdentityLink[i];
- if (rsakey.getModulus().equals(pubKeyResponse.getModulus())
- && rsakey.getPublicExponent().equals(
- pubKeyResponse.getPublicExponent()))
- found = true;
- }
-
- }
-
- if (!found)
- throw new ValidateException("validator.09", null);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
deleted file mode 100644
index 6d3e05c29..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
+++ /dev/null
@@ -1,697 +0,0 @@
-package at.gv.egovernment.moa.id.config;
-
-import iaik.pki.pathvalidation.ChainingModes;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
-import java.io.ByteArrayInputStream;
-import java.math.BigInteger;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.w3c.dom.Attr;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * A class that builds configuration data from a DOM based representation.
- *
- * @author Patrick Peck
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class ConfigurationBuilder {
-
- //
- // XPath namespace prefix shortcuts
- //
- /** an XPATH-Expression */
- private static final String CONF = Constants.MOA_ID_CONFIG_PREFIX + ":";
- /** an XPATH-Expression */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
-
- //
- // chaining mode constants appearing in the configuration file
- //
- /** an XPATH-Expression */
- private static final String CM_CHAINING = "chaining";
- /** an XPATH-Expression */
- private static final String CM_PKIX = "pkix";
- /** an XPATH-Expression */
- private static final String DEFAULT_ENCODING = "UTF-8";
-
- /**
- * Default online application configuration file name
- * (used when <code>/OnlineApplication/ProxyComponent@configFileURL</code> is <code>null</code>).
- */
- public static final String DEFAULT_OA_CONFIG_FILENAME = "MOAConfig.xml";
-
- //
- // XPath expressions to select certain parts of the configuration
- //
- /** an XPATH-Expression */
- private static final String ROOT = "/" + CONF + "MOA-IDConfiguration/";
- /** an XPATH-Expression */
- private static final String ROOTOA = "/" + CONF + "Configuration/";
- /** an XPATH-Expression */
- private static final String AUTH_BKU_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "BKUSelection";
- /** an XPATH-Expression */
- private static final String AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "SecurityLayer/" + CONF + "TransformsInfo/@filename";
- /** an XPATH-Expression */
- private static final String AUTH_MOA_SP_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP";
- /** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyIdentityLink/" + CONF + "TrustProfileID";
- /** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "TrustProfileID";
- /** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "VerifyTransformsInfoProfileID";
-
- /** an XPATH-Expression */
- private static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "IdentityLinkSigners/" + CONF + "X509SubjectName";
- /** an XPATH-Expression */
- private static final String PROXY_AUTH_XPATH =
- ROOT + CONF + "ProxyComponent/" + CONF + "AuthComponent";
-
- /** an XPATH-Expression */
- private static final String OA_XPATH = ROOT + CONF + "OnlineApplication";
- /** an XPATH-Expression */
- private static final String OA_LOGIN_XPATH = ROOT + CONF + "OnlineApplication/@loginURL";
- /** an XPATH-Expression */
- private static final String OA_AUTH_COMPONENT_XPATH = CONF + "AuthComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_COMPONENT_XPATH = CONF + "ProxyComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_COMPONENT_ABSOLUTE_XPATH = ROOT + CONF + "OnlineApplication/" + CONF + "ProxyComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_URL_XPATH = CONF + "ProxyComponent/@configFileURL";
- /** an XPATH-Expression */
- private static final String OA_PROXY_SESSION_TIMEOUT_XPATH = CONF + "ProxyComponent/@sessionTimeOut";
- /** an XPATH-Expression */
- private static final String OA_PROXY_LOGIN_PARA_XPATH = CONF + "ProxyComponent/@loginParameterResolverImpl";
- /** an XPATH-Expression */
- private static final String OA_PROXY_LOGIN_PARA_CONF_XPATH = CONF + "ProxyComponent/@loginParameterResolverConfiguration";
- /** an XPATH-Expression */
- private static final String OA_PROXY_CONNECTION_BUILDER_XPATH = CONF + "ProxyComponent/@connectionBuilderImpl";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_URL_XPATH =
- CONF + "ConnectionParameter/@URL";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH =
- CONF + "ConnectionParameter/" + CONF + "AcceptedServerCertificates";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETERN_KEYSTORE_XPATH =
- CONF + "ConnectionParameter/" + CONF + "ClientKeyStore";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH =
- CONNECTION_PARAMETERN_KEYSTORE_XPATH + "/@password";
- /** an XPATH-Expression */
- private static final String GENERIC_CONFIGURATION_XPATH =
- ROOT + CONF + "GenericConfiguration";
- /** an XPATH-Expression */
- private static final String OACONF_LOGIN_TYPE_XPATH =
- ROOTOA + CONF + "LoginType";
- /** an XPATH-Expression */
- private static final String OACONF_PARAM_AUTH_PARAMETER_XPATH =
- ROOTOA + CONF + "ParamAuth/" + CONF + "Parameter";
- /** an XPATH-Expression */
- private static final String OACONF_USER_ID_XPATH =
- ROOTOA + CONF + "BasicAuth/" + CONF + "UserID";
- /** an XPATH-Expression */
- private static final String OACONF_PASSWORD_XPATH =
- ROOTOA + CONF + "BasicAuth/" + CONF + "Password";
- /** an XPATH-Expression */
- private static final String OACONF_HEADER_AUTH_HEADER_XPATH =
- ROOTOA + CONF + "HeaderAuth/" + CONF + "Header";
- /** an XPATH-Expression */
- private static final String CHAINING_MODES_XPATH =
- ROOT + CONF + "ChainingModes";
- /** an XPATH-Expression */
- private static final String CHAINING_MODES_DEFAULT_XPATH =
- CHAINING_MODES_XPATH + "/@systemDefaultMode";
- /** an XPATH-Expression */
- private static final String TRUST_ANCHOR_XPATH =
- ROOT + CONF + "ChainingModes/" + CONF + "TrustAnchor";
- /** an XPATH-Expression */
- private static final String ISSUER_XPATH = DSIG + "X509IssuerName";
- /** an XPATH-Expression */
- private static final String SERIAL_XPATH = DSIG + "X509SerialNumber";
- /** an XPATH-Expression */
- private static final String TRUSTED_CA_CERTIFICATES_XPATH =
- ROOT + CONF + "TrustedCACertificates";
-
-
- /**
- * main configuration file directory name used to configure MOA-ID
- */
- private String rootConfigFileDir;
-
- /** The root element of the MOA-ID configuration */
- private Element configElem;
-
- /**
- * Creates a new <code>MOAConfigurationProvider</code>.
- *
- * @param configElem The root element of the MOA-ID configuration.
- */
- public ConfigurationBuilder(Element configElem, String rootConfigDir) {
- this.configElem = configElem;
- this.rootConfigFileDir = rootConfigDir;
- }
-
- /**
- * Returns the root element of the MOA-ID configuration.
- *
- * @return The root element of the MOA-ID configuration.
- */
- public Element getConfigElem() {
- return configElem;
- }
-
- /**
- * Build a ConnectionParameter object containing all information
- * of the moa-sp element in the authentication component
- * @return ConnectionParameter of the authentication component moa-sp element
- */
- public ConnectionParameter buildAuthBKUConnectionParameter() {
-
- Element authBKU = (Element) XPathUtils.selectSingleNode(getConfigElem(), AUTH_BKU_XPATH);
- if (authBKU==null) return null;
- return buildConnectionParameter(authBKU);
- }
-
- /**
- * Method buildAuthBKUSelectionType.
- *
- * Build a string with the configuration value of BKUSelectionAlternative
- *
- * @return String
- */
- public String buildAuthBKUSelectionType() {
-
- Element authBKU = (Element) XPathUtils.selectSingleNode(getConfigElem(), AUTH_BKU_XPATH);
- if (authBKU==null) return null;
- return (authBKU).getAttribute("BKUSelectionAlternative");
- }
-
- /**
- * Build a string array with all filenames leading
- * to the Transforms Information for the Security Layer
- * @return String[] of filenames to the Security Layer Transforms Information
- */
- public String[] buildTransformsInfoFileNames() {
-
- List transformsInfoFileNames = new ArrayList();
- NodeIterator tiIter =
- XPathUtils.selectNodeIterator(
- getConfigElem(),
- AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH);
- Attr tiElem;
-
- while ((tiElem = (Attr) tiIter.nextNode()) != null) {
-
- String tiFileName = tiElem.getNodeValue();
- transformsInfoFileNames.add(tiFileName);
- }
- String[] result = new String[transformsInfoFileNames.size()];
- transformsInfoFileNames.toArray(result);
-
- return result;
- }
-
- /**
- * Build a ConnectionParameter bean containing all information
- * of the authentication component moa-sp element
- * @return ConnectionParameter of the authentication component moa-sp element
- */
- public ConnectionParameter buildMoaSpConnectionParameter() {
-
- Element connectionParameter = (Element) XPathUtils.selectSingleNode(getConfigElem(), AUTH_MOA_SP_XPATH);
- if (connectionParameter==null) return null;
- return buildConnectionParameter(connectionParameter);
- }
-
- /**
- * Return a string with a url-reference to the VerifyIdentityLink trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyIdentityLink trust profile ID
- */
- public String getMoaSpIdentityLinkTrustProfileID() {
- return XPathUtils.getElementValue(
- getConfigElem(),
- AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH,
- "");
- }
- /**
- * Return a string representation of an URL pointing to trusted CA Certificates
- * @return String representation of an URL pointing to trusted CA Certificates
- */
- public String getTrustedCACertificates() {
- return XPathUtils.getElementValue(
- getConfigElem(),
- TRUSTED_CA_CERTIFICATES_XPATH,null);
- }
-
- /**
- * Return a string with a url-reference to the VerifyAuthBlock trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyAuthBlock trust profile ID
- */
- public String getMoaSpAuthBlockTrustProfileID() {
- return XPathUtils.getElementValue(
- getConfigElem(),
- AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH,
- "");
- }
- /**
- * Build a string array with references to all verify transform info
- * IDs within the moa-sp part of the authentication component
- * @return A string array containing all urls to the
- * verify transform info IDs
- */
- public String[] buildMoaSpAuthBlockVerifyTransformsInfoIDs() {
-
- List verifyTransformsInfoIDs = new ArrayList();
- NodeIterator vtIter =
- XPathUtils.selectNodeIterator(
- getConfigElem(),
- AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH);
- Element vtElem;
-
- while ((vtElem = (Element) vtIter.nextNode()) != null) {
-
- String vtInfoIDs = DOMUtils.getText(vtElem);
- verifyTransformsInfoIDs.add(vtInfoIDs);
- }
- String[] result = new String[verifyTransformsInfoIDs.size()];
- verifyTransformsInfoIDs.toArray(result);
-
- return result;
- }
-
- /**
- * Return a string array containing all X509 Subject Names
- * of the Identity Link Signers
- * @return String with a url-reference to the VerifyAuthBlock trust profile ID
- */
- public String[] getIdentityLink_X509SubjectNames() {
-
- List x509SubjectNameList = new ArrayList();
- NodeIterator x509Iter =
- XPathUtils.selectNodeIterator(
- getConfigElem(),
- AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH);
- Element x509Elem;
-
- while ((x509Elem = (Element) x509Iter.nextNode()) != null) {
-
- String vtInfoIDs = DOMUtils.getText(x509Elem);
- x509SubjectNameList.add(vtInfoIDs);
- }
- String[] result = new String[x509SubjectNameList.size()];
- x509SubjectNameList.toArray(result);
-
- return result;
- }
-
- /**
- * Build an array of the OnlineApplication Parameters containing information
- * about the authentication component
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the authentication component of the online
- * application
- */
- public OAAuthParameter[] buildOnlineApplicationAuthParameters() {
-
- List OA_set = new ArrayList();
- NodeList OAIter = XPathUtils.selectNodeList(getConfigElem(), OA_XPATH);
-
- for (int i = 0; i < OAIter.getLength(); i++) {
- Element oAElem = (Element) OAIter.item(i);
- Element authComponent =
- (Element) XPathUtils.selectSingleNode(oAElem, OA_AUTH_COMPONENT_XPATH);
-
- OAAuthParameter oap = new OAAuthParameter();
- oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix"));
- //Check if there is an Auth-Block to read from configuration
- if (authComponent!=null)
- {
- oap.setProvideZMRZahl(BoolUtils.valueOf(authComponent.getAttribute("provideZMRZahl")));
- oap.setProvideAuthBlock(BoolUtils.valueOf(authComponent.getAttribute("provideAUTHBlock")));
- oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink")));
- }
- OA_set.add(oap);
- }
- OAAuthParameter[] result =
- new OAAuthParameter[OA_set.size()];
- OA_set.toArray(result);
-
- return result;
-
- }
-
- /**
- * Build a bean containing all information about the ProxyComponent
- * @return The ConnectionParameter for the Proxy Component
- */
- public ConnectionParameter buildAuthComponentConnectionParameter()
- {
-
- Element connectionParameter = (Element) XPathUtils.selectSingleNode(getConfigElem(), PROXY_AUTH_XPATH);
- if (connectionParameter==null) return null;
- return buildConnectionParameter(connectionParameter);
-
- }
- /**
- * Method buildConnectionParameter: internal Method for creating a
- * ConnectionParameter object with all data found in the incoming element
- * @param root: this Element contains the ConnectionParameter
- * @return ConnectionParameter
- */
- protected ConnectionParameter buildConnectionParameter(Element root)
- {
- ConnectionParameter result = new ConnectionParameter();
- result.setAcceptedServerCertificates(
- XPathUtils.getElementValue(root,CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH,null));
-
- result.setAcceptedServerCertificates(FileUtils.makeAbsoluteURL(
- result.getAcceptedServerCertificates(), rootConfigFileDir));
-
- result.setUrl(
- XPathUtils.getAttributeValue(root, CONNECTION_PARAMETER_URL_XPATH, ""));
- result.setClientKeyStore(
- XPathUtils.getElementValue(root,CONNECTION_PARAMETERN_KEYSTORE_XPATH,null));
-
- result.setClientKeyStore(FileUtils.makeAbsoluteURL(
- result.getClientKeyStore(), rootConfigFileDir));
-
- result.setClientKeyStorePassword(
- XPathUtils.getAttributeValue(root,CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH,""));
-
- if ((result.getAcceptedServerCertificates()==null)
- && (result.getUrl()=="")
- && (result.getClientKeyStore()==null)
- && (result.getClientKeyStorePassword()==""))
- return null;
-
- return result;
- }
-
- /**
- * Build an array of OnlineApplication Parameter Beans containing information
- * about the proxy component
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the proxy component of the online
- * application
- */
- public OAProxyParameter[] buildOnlineApplicationProxyParameters() throws ConfigurationException{
-
- List oA_list = new ArrayList();
- NodeList OAIter = XPathUtils.selectNodeList(getConfigElem(), OA_XPATH);
-
- for (int i = 0; i < OAIter.getLength(); i++) {
- Element oAElem = (Element) OAIter.item(i);
- OAProxyParameter oap = new OAProxyParameter();
-
- oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix"));
- Element proxyComponentElem = (Element) XPathUtils.selectSingleNode(oAElem,OA_PROXY_COMPONENT_XPATH);
- if (proxyComponentElem != null) {
- oap.setConfigFileURL(XPathUtils.getAttributeValue(oAElem, OA_PROXY_URL_XPATH, null));
- oap.setConfigFileURL(FileUtils.makeAbsoluteURL(oap.getConfigFileURL(), rootConfigFileDir));
- // default session time out: 3600 sec = 1 h
- oap.setSessionTimeOut(new Integer(XPathUtils.getAttributeValue(oAElem,OA_PROXY_SESSION_TIMEOUT_XPATH,"3600")).intValue());
- oap.setLoginParameterResolverImpl(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_XPATH, null));
- oap.setLoginParameterResolverConfiguration(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_CONF_XPATH, null));
- oap.setConnectionBuilderImpl(XPathUtils.getAttributeValue(oAElem,OA_PROXY_CONNECTION_BUILDER_XPATH, null));
-
- ConnectionParameter conPara = buildConnectionParameter(proxyComponentElem);
- oap.setConnectionParameter(conPara);
-
- OAConfiguration oaConf = buildOAConfiguration(getOAConfigElement(oap));
- oap.setOaConfiguration(oaConf);
-
- oA_list.add(oap);
- }
- }
- OAProxyParameter[] result =
- new OAProxyParameter[oA_list.size()];
- oA_list.toArray(result);
-
- return result;
-
- }
-
- /**
- * Build the mapping of generic configuration properties.
- *
- * @return a {@link Map} of generic configuration properties (a name to value
- * mapping) from the configuration.
- */
- public Map buildGenericConfiguration() {
-
- Map genericConfiguration = new HashMap();
- NodeIterator gcIter =
- XPathUtils.selectNodeIterator(
- getConfigElem(),
- GENERIC_CONFIGURATION_XPATH);
- Element gcElem;
-
- while ((gcElem = (Element) gcIter.nextNode()) != null) {
- String gcName = gcElem.getAttribute("name");
- String gcValue = gcElem.getAttribute("value");
-
- genericConfiguration.put(gcName, gcValue);
- }
-
- return genericConfiguration;
- }
- /**
- * Method buildOAConfiguration.
- *
- * Build an {@link OAConfiguration} Object from the given configuration DOM element
- *
- * @param root
- * @return OAConfiguration
- * @throws ConfigurationException
- */
- public OAConfiguration buildOAConfiguration(Element root) throws ConfigurationException{
-
- OAConfiguration oaConfiguration = new OAConfiguration();
-
- //The LoginType hast to be "stateless" or "stateful" to be valid
- oaConfiguration.setLoginType(
- XPathUtils.getElementValue(root, OACONF_LOGIN_TYPE_XPATH, null));
-
- //Try to build the Parameter Auth Parameters
- NodeIterator paramAuthIter =
- XPathUtils.selectNodeIterator(
- root,
- OACONF_PARAM_AUTH_PARAMETER_XPATH);
- Element paramAuthElem;
- HashMap paramAuthMap = new HashMap();
- while ((paramAuthElem = (Element) paramAuthIter.nextNode()) != null) {
- String name = XPathUtils.getAttributeValue(paramAuthElem, "@Name", null);
- String value = XPathUtils.getAttributeValue(paramAuthElem, "@Value", null);
- if (paramAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
- paramAuthMap.put(name, value);
- }
- oaConfiguration.setParamAuthMapping(paramAuthMap);
- // Try to build the BasicAuthParameters
- oaConfiguration.setBasicAuthUserIDMapping(
- XPathUtils.getElementValue(root, OACONF_USER_ID_XPATH, null));
- oaConfiguration.setBasicAuthPasswordMapping(
- XPathUtils.getElementValue(root, OACONF_PASSWORD_XPATH, null));
-
- //Try to build the Parameter Auth Parameters
- NodeIterator headerAuthIter = XPathUtils.selectNodeIterator(root,OACONF_HEADER_AUTH_HEADER_XPATH);
-
- Element headerAuthElem;
- HashMap headerAuthMap = new HashMap();
- while ((headerAuthElem = (Element) headerAuthIter.nextNode()) != null) {
- String name =
- XPathUtils.getAttributeValue(headerAuthElem, "@Name", null);
- String value =
- XPathUtils.getAttributeValue(headerAuthElem, "@Value", null);
- // Contains Key (Neue Config-Exception: doppelte werte)
- if (headerAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
- headerAuthMap.put(name, value);
- }
- oaConfiguration.setHeaderAuthMapping(headerAuthMap);
-
- if (paramAuthMap.size() == 0) {
- if (oaConfiguration.getBasicAuthUserIDMapping() == null) {
- oaConfiguration.setAuthType(OAConfiguration.HEADER_AUTH);
- }
- else
- oaConfiguration.setAuthType(OAConfiguration.BASIC_AUTH);
- }
- else
- oaConfiguration.setAuthType(OAConfiguration.PARAM_AUTH);
-
- return oaConfiguration;
- }
-
- /**
- * Reads the configuration file of the online application, and creates a DOM tree from it.
- * If <code>/OnlineApplication/ProxyComponent@configFileURL</code> is not given,
- * uses default configuration file location.
- *
- * @param oap configuration data of online application, meant for use by MOA-ID-PROXY
- * @return Element DOM tree root element
- * @throws ConfigurationException on any exception thrown
- */
- private Element getOAConfigElement(OAProxyParameter oap) throws ConfigurationException
- {
- try {
- String configFileURL = oap.getConfigFileURL();
- if (configFileURL == null) {
- // use default config file URL, when config file URL is not given
- configFileURL = oap.getConnectionParameter().getUrl();
- if (configFileURL.charAt(configFileURL.length() - 1) != '/')
- configFileURL += "/";
- configFileURL += DEFAULT_OA_CONFIG_FILENAME;
- }
- Logger.info("Loading MOA-OA configuration " + configFileURL);
- Element configElem = DOMUtils.parseXmlValidating(
- new ByteArrayInputStream(FileUtils.readURL(configFileURL)));
- return configElem;
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.03", new Object[] {"OAConfiguration"} , t);
- }
- }
-
- /**
- * Returns the default chaining mode from the configuration.
- *
- * @return The default chaining mode.
- */
- public String getDefaultChainingMode() {
- String defaultChaining =
- XPathUtils.getAttributeValue(
- getConfigElem(),
- CHAINING_MODES_DEFAULT_XPATH,
- CM_CHAINING);
-
- return translateChainingMode(defaultChaining);
-
- }
- /**
- * Build the chaining modes for all configured trust anchors.
- *
- * @return The mapping from trust anchors to chaining modes.
- */
- public Map buildChainingModes() {
- Map chainingModes = new HashMap();
- NodeIterator trustIter =
- XPathUtils.selectNodeIterator(getConfigElem(), TRUST_ANCHOR_XPATH);
- Element trustAnchorElem;
-
- while ((trustAnchorElem = (Element) trustIter.nextNode()) != null) {
- IssuerAndSerial issuerAndSerial = buildIssuerAndSerial(trustAnchorElem);
- String mode = trustAnchorElem.getAttribute("mode");
-
- if (issuerAndSerial != null) {
- chainingModes.put(issuerAndSerial, translateChainingMode(mode));
- }
- }
-
- return chainingModes;
- }
-
- /**
- * Build an <code>IssuerAndSerial</code> from the DOM representation.
- *
- * @param root The root element (being of type <code>dsig:
- * X509IssuerSerialType</code>.
- * @return The issuer and serial number contained in the <code>root</code>
- * element or <code>null</code> if could not be built for any reason.
- */
- private IssuerAndSerial buildIssuerAndSerial(Element root) {
- String issuer = XPathUtils.getElementValue(root, ISSUER_XPATH, null);
- String serial = XPathUtils.getElementValue(root, SERIAL_XPATH, null);
-
- if (issuer != null && serial != null) {
- try {
- RFC2253NameParser nameParser = new RFC2253NameParser(issuer);
- Principal issuerDN = nameParser.parse();
-
- return new IssuerAndSerial(issuerDN, new BigInteger(serial));
- } catch (RFC2253NameParserException e) {
- warn("config.09", new Object[] { issuer, serial }, e);
- return null;
- } catch (NumberFormatException e) {
- warn("config.09", new Object[] { issuer, serial }, e);
- return null;
- }
- }
- return null;
- }
-
- /**
- * Translate the chaining mode from the configuration file to one used in the
- * IAIK MOA API.
- *
- * @param chainingMode The chaining mode from the configuration.
- * @return The chaining mode as provided by the <code>ChainingModes</code>
- * interface.
- * @see iaik.pki.pathvalidation.ChainingModes
- */
- private String translateChainingMode(String chainingMode) {
- if (chainingMode.equals(CM_CHAINING)) {
- return ChainingModes.CHAIN_MODE;
- } else if (chainingMode.equals(CM_PKIX)) {
- return ChainingModes.PKIX_MODE;
- } else {
- return ChainingModes.CHAIN_MODE;
- }
- }
-
- /**
- * Method warn.
- * @param messageId to identify a country-specific message
- * @param parameters for the logger
- */
- //
- // various utility methods
- //
-
- private static void warn(String messageId, Object[] parameters) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
- }
-
- /**
- * Method warn.
- * @param messageId to identify a country-specific message
- * @param args for the logger
- * @param t as throwabl
- */
- private static void warn(String messageId, Object[] args, Throwable t) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, args), t);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationException.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationException.java
deleted file mode 100644
index 2ebec0398..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationException.java
+++ /dev/null
@@ -1,31 +0,0 @@
-package at.gv.egovernment.moa.id.config;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception signalling an error in the configuration.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class ConfigurationException extends MOAIDException {
-
- /**
- * Create a <code>MOAConfigurationException</code>.
- */
- public ConfigurationException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Create a <code>MOAConfigurationException</code>.
- */
- public ConfigurationException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
-
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
deleted file mode 100644
index 48e82011d..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
+++ /dev/null
@@ -1,114 +0,0 @@
-package at.gv.egovernment.moa.id.config;
-
-import java.math.BigInteger;
-import java.security.Principal;
-import java.security.cert.X509Certificate;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-
-/**
- * Base class for <code>AuthConfigurationProvider</code> and <code>ProxyConfigurationProvider</code>,
- * providing functions common to both of them.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ConfigurationProvider {
-
- /**
- * Constructor
- */
- public ConfigurationProvider() {
- super();
- }
-
- /**
- * The name of the system property which contains the file name of the
- * configuration file.
- */
- public static final String CONFIG_PROPERTY_NAME =
- "moa.id.configuration";
-
- /**
- * The name of the generic configuration property giving the certstore directory path.
- */
- public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY =
- "DirectoryCertStoreParameters.RootDir";
-
- /**
- * The name of the generic configuration property switching the ssl revocation checking on/off
- */
- public static final String TRUST_MANAGER_REVOCATION_CHECKING =
- "TrustManager.RevocationChecking";
-
-
- /**
- * A <code>Map</code> which contains generic configuration information. Maps a
- * configuration name (a <code>String</code>) to a configuration value (also a
- * <code>String</code>).
- */
- protected Map genericConfiguration;
-
- /** The default chaining mode. */
- protected String defaultChainingMode;
-
- /**
- * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to
- * chaining mode (a <code>String</code>) mapping.
- */
- protected Map chainingModes;
-
- /**
- * the URL for the trusted CA Certificates
- */
- protected String trustedCACertificates;
-
- /**
- * Returns the mapping of generic configuration properties.
- *
- * @return The mapping of generic configuration properties (a name to value
- * mapping) from the configuration.
- */
- public Map getGenericConfiguration() {
- return genericConfiguration;
- }
-
- /**
- * Returns the value of a parameter from the generic configuration section.
- *
- * @return the parameter value; <code>null</code> if no such parameter
- */
- public String getGenericConfigurationParameter(String parameter) {
- if (! genericConfiguration.containsKey(parameter))
- return null;
- return (String)genericConfiguration.get(parameter);
- }
-
- /**
- * Return the chaining mode for a given trust anchor.
- *
- * @param trustAnchor The trust anchor for which the chaining mode should be
- * returned.
- * @return The chaining mode for the given trust anchor. If the trust anchor
- * has not been configured separately, the system default will be returned.
- */
- public String getChainingMode(X509Certificate trustAnchor) {
- Principal issuer = trustAnchor.getIssuerDN();
- BigInteger serial = trustAnchor.getSerialNumber();
- IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial);
-
- String mode = (String) chainingModes.get(issuerAndSerial);
- return mode != null ? mode : defaultChainingMode;
- }
-
- /**
- * Returns the trustedCACertificates.
- * @return String
- */
- public String getTrustedCACertificates() {
-
- return trustedCACertificates;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConnectionParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/ConnectionParameter.java
deleted file mode 100644
index 30b09cfe0..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConnectionParameter.java
+++ /dev/null
@@ -1,106 +0,0 @@
-package at.gv.egovernment.moa.id.config;
-
-/**
- * This bean class is used to store data for various connectionParameter
- * within the MOA-ID configuration
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class ConnectionParameter {
-
- /**
- * Server URL
- */
- private String url;
- /**
- * File URL for a directory containing PKCS#12 server SSL certificates.
- * From these certificates, a X509 trust store will be assembled for use
- * by a JSSE <code>TrustManager</code>.
- * This field will only be used in case of an HTTPS URL.
- */
- private String acceptedServerCertificates;
- /**
- * File URL of a X509 key store containing the private key to be used
- * for an HTTPS connection when the server requires client authentication.
- * This field will only be used in case of an HTTPS URL.
- */
- private String clientKeyStore;
- /**
- * Password protecting the client key store.
- */
- private String clientKeyStorePassword;
-
- /**
- * Checks whether the URL scheme is <code>"https"</code>.
- * @return true in case of an URL starting with <code>"https"</code>
- */
- public boolean isHTTPSURL() {
- return getUrl().indexOf("https") == 0;
- }
-
- /**
- * Returns the url.
- * @return String
- */
- public String getUrl() {
- return url;
- }
-
- /**
- * Returns the acceptedServerCertificates.
- * @return String
- */
- public String getAcceptedServerCertificates() {
- return acceptedServerCertificates;
- }
-
- /**
- * Sets the acceptedServerCertificates.
- * @param acceptedServerCertificates The acceptedServerCertificates to set
- */
- public void setAcceptedServerCertificates(String acceptedServerCertificates) {
- this.acceptedServerCertificates = acceptedServerCertificates;
- }
-
- /**
- * Sets the url.
- * @param url The url to set
- */
- public void setUrl(String url) {
- this.url = url;
- }
-
- /**
- * Returns the clientKeyStore.
- * @return String
- */
- public String getClientKeyStore() {
- return clientKeyStore;
- }
-
- /**
- * Returns the clientKeyStorePassword.
- * @return String
- */
- public String getClientKeyStorePassword() {
- return clientKeyStorePassword;
- }
-
- /**
- * Sets the clientKeyStore.
- * @param clientKeyStore The clientKeyStore to set
- */
- public void setClientKeyStore(String clientKeyStore) {
- this.clientKeyStore = clientKeyStore;
- }
-
- /**
- * Sets the clientKeyStorePassword.
- * @param clientKeyStorePassword The clientKeyStorePassword to set
- */
- public void setClientKeyStorePassword(String clientKeyStorePassword) {
- this.clientKeyStorePassword = clientKeyStorePassword;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
deleted file mode 100644
index 2e133130c..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ /dev/null
@@ -1,375 +0,0 @@
-package at.gv.egovernment.moa.id.config.auth;
-
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.MalformedURLException;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.config.ConfigurationBuilder;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * A class providing access to the Auth Part of the MOA-ID configuration data.
- *
- * <p>Configuration data is read from an XML file, whose location is given by
- * the <code>moa.id.configuration</code> system property.</p>
- * <p>This class implements the Singleton pattern. The <code>reload()</code>
- * method can be used to update the configuration data. Therefore, it is not
- * guaranteed that consecutive calls to <code>getInstance()</code> will return
- * the same <code>AuthConfigurationProvider</code> all the time. During the
- * processing of a web service request, the current
- * <code>TransactionContext</code> should be used to obtain the
- * <code>AuthConfigurationProvider</code> local to that request.</p>
- *
- * @author Patrick Peck
- * @author Stefan Knirsch
- *
- * @version $Id$
- */
-public class AuthConfigurationProvider extends ConfigurationProvider {
-
- /** DEFAULT_ENCODING is "UTF-8" */
- private static final String DEFAULT_ENCODING="UTF-8";
- /**
- * The name of the generic configuration property giving the authentication session time out.
- */
- public static final String AUTH_SESSION_TIMEOUT_PROPERTY =
- "AuthenticationSession.TimeOut";
- /**
- * The name of the generic configuration property giving the authentication data time out.
- */
- public static final String AUTH_DATA_TIMEOUT_PROPERTY =
- "AuthenticationData.TimeOut";
-
- /**
- * BKUSelectionType HTMLComplete, according to schema type <code>BKUSelectionType</code>
- */
- public static final String BKU_SELECTION_TYPE_HTMLCOMPLETE =
- "HTMLComplete";
-
- /**
- * BKUSelectionType HTMLSelect, according to schema type <code>BKUSelectionType</code>
- */
- public static final String BKU_SELECTION_TYPE_HTMLSELECT =
- "HTMLSelect";
-
- /**
- * The name of the generic configuration property allowing https connection to
- * the user frontend servlets ("StartAuthentication" and "SelectBKU" servlets)
- */
- public static final String FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY =
- "FrontendServlets.EnableHTTPConnection";
-
- /**
- * The name of the generic configuration property allowing to set a individual
- * DATA URL used to communicate with the BKU (SecurityLayer)
- */
- public static final String INDIVIDUAL_DATA_URL_PREFIX =
- "FrontendServlets.DataURLPrefix";
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static AuthConfigurationProvider instance;
-
- //
- // configuration data
- //
-
- /**
- * main configuration file directory name used to configure MOA-ID
- */
- private String rootConfigFileDir;
-
- /**
- * configuration files containing transformations for rendering in the
- * secure viewer of the security layer implementation;
- * multiple files can be given for different mime types
- */
- private String[] transformsInfoFileNames;
- /**
- * transformations for rendering in the secure viewer of the security layer implementation,
- * read from {@link transformsInfoFileNames};
- * multiple transformation can be given for different mime types
- */
- private String[] transformsInfos;
- /**
- * parameters for connection to MOA SP component
- */
- private ConnectionParameter moaSpConnectionParameter;
- /**
- * trust profile ID to be used for verifying the identity link signature via MOA ID SP
- */
- private String moaSpIdentityLinkTrustProfileID;
- /**
- * trust profile ID to be used for verifying the AUTH block signature via MOA ID SP
- */
- private String moaSpAuthBlockTrustProfileID;
- /**
- * transformations to be used for verifying the AUTH block signature via MOA ID SP
- */
- private String[] moaSpAuthBlockVerifyTransformsInfoIDs;
- /**
- * X509 SubjectNames which will be trusted
- */
- private String[] identityLinkX509SubjectNames;
-
- /**
- * configuration parameters for online applications
- */
- private OAAuthParameter[] onlineApplicationAuthParameters;
- /**
- * the Selection Type of the bku Selection Element
- */
- private String bKUSelectionType;
- /**
- * is the bku Selection Element present?
- */
- private boolean bKUSelectable;
- /**
- * the bku Selection Connection Parameters
- */
- private ConnectionParameter bKUConnectionParameter;
- /**
- * Return the single instance of configuration data.
- *
- * @return AuthConfigurationProvider The current configuration data.
- * @throws ConfigurationException
- */
- public static synchronized AuthConfigurationProvider getInstance()
- throws ConfigurationException {
-
- if (instance == null) {
- reload();
- }
- return instance;
- }
-
- /**
- * Reload the configuration data and set it if successful.
- *
- * @return AuthConfigurationProvider The loaded configuration data.
- * @throws ConfigurationException Failure to load the configuration data.
- */
- public static synchronized AuthConfigurationProvider reload()
- throws ConfigurationException {
- String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
- if (fileName == null) {
- throw new ConfigurationException("config.01", null);
- }
- Logger.info("Loading MOA-ID-AUTH configuration " + fileName);
-
- instance = new AuthConfigurationProvider(fileName);
- return instance;
- }
-
- /**
- * Constructor for AuthConfigurationProvider.
- * @param fileName
- * @throws ConfigurationException
- */
- public AuthConfigurationProvider(String fileName)
- throws ConfigurationException {
-
- load(fileName);
- }
-
- /**
- * Load the configuration data from XML file with the given name and build
- * the internal data structures representing the MOA ID configuration.
- *
- * @param fileName The name of the XML file to load.
- * @throws ConfigurationException The MOA configuration could not be
- * read/built.
- */
- private void load(String fileName) throws ConfigurationException {
- InputStream stream = null;
- Element configElem;
- ConfigurationBuilder builder;
-
- try {
- // load the main config file
- stream = new BufferedInputStream(new FileInputStream(fileName));
- configElem = DOMUtils.parseXmlValidating(stream);
- } catch (Throwable t) {
- throw new ConfigurationException("config.03", null, t);
- }
- finally {
- try {
- if (stream != null) {
- stream.close();
- }
- } catch (IOException e) {
- }
- }
- try {
- // determine the directory of the root config file
- rootConfigFileDir = new File(fileName).getParent();
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
- } catch (MalformedURLException t) {
- throw new ConfigurationException("config.03", null, t);
- }
-
- // build the internal datastructures
- builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
- bKUConnectionParameter = builder.buildAuthBKUConnectionParameter();
- bKUSelectable = (bKUConnectionParameter!=null);
- bKUSelectionType = builder.buildAuthBKUSelectionType();
- genericConfiguration = builder.buildGenericConfiguration();
- transformsInfoFileNames = builder.buildTransformsInfoFileNames();
- loadTransformsInfos();
- moaSpConnectionParameter = builder.buildMoaSpConnectionParameter();
- moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID();
- moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID();
- moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs();
- onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters();
- identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
- defaultChainingMode = builder.getDefaultChainingMode();
- chainingModes = builder.buildChainingModes();
- trustedCACertificates = builder.getTrustedCACertificates();
- trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir); }
-
- catch (Throwable t) {
- throw new ConfigurationException("config.02", null, t);
- }
- }
-
- /**
- * Loads the <code>transformsInfos</code> from files.
- * @throws Exception on any exception thrown
- */
- private void loadTransformsInfos() throws Exception {
-
- transformsInfos = new String[transformsInfoFileNames.length];
- for (int i = 0; i < transformsInfoFileNames.length; i++) {
- String fileURL = transformsInfoFileNames[i];
-
- //if fileURL is relative to rootConfigFileDir make it absolute
- fileURL = FileUtils.makeAbsoluteURL(fileURL, rootConfigFileDir);
- String transformsInfo = FileUtils.readURL(fileURL, DEFAULT_ENCODING);
- transformsInfos[i] = transformsInfo;
- }
- }
- /**
- * Return a string array with all filenames leading
- * to the Transforms Information for the Security Layer
- * @return String[] of filenames to the Security Layer Transforms Information
- */
- public String[] getTransformsInfoFileNames() {
- return transformsInfoFileNames;
- }
-
- /**
- * Build an array of the OnlineApplication Parameters containing information
- * about the authentication component
- * @return An OAProxyParameter array containing beans
- * with all relevant information for theauthentication component of the online
- * application
- */
- public OAAuthParameter[] getOnlineApplicationParameters() {
- return onlineApplicationAuthParameters;
- }
-
- /**
- * Provides configuration information regarding the online application behind
- * the given URL, relevant to the MOA-ID Auth component.
- *
- * @param oaURL URL requested for an online application
- * @return an <code>OAAuthParameter</code>, or <code>null</code>
- * if none is applicable
- */
- public OAAuthParameter getOnlineApplicationParameter(String oaURL) {
- OAAuthParameter[] oaParams = getOnlineApplicationParameters();
- for (int i = 0; i < oaParams.length; i++) {
- OAAuthParameter oaParam = oaParams[i];
- if (oaURL.indexOf(oaParam.getPublicURLPrefix()) == 0)
- return oaParam;
- }
- return null;
- }
-
- /**
- * Return a string with a url-reference to the VerifyAuthBlock trust
- * profile id within the moa-sp part of the authentication component
- *
- * @return String with a url-reference to the VerifyAuthBlock trust profile ID
- */
- public String getMoaSpAuthBlockTrustProfileID() {
- return moaSpAuthBlockTrustProfileID;
- }
-
- /**
- * Return a string array with references to all verify transform info
- * IDs within the moa-sp part of the authentication component
- * @return A string array containing all urls to the
- * verify transform info IDs
- */
- public String[] getMoaSpAuthBlockVerifyTransformsInfoIDs() {
- return moaSpAuthBlockVerifyTransformsInfoIDs;
- }
-
- /**
- * Return a ConnectionParameter bean containing all information
- * of the authentication component moa-sp element
- * @return ConnectionParameter of the authentication component moa-sp element
- */
- public ConnectionParameter getMoaSpConnectionParameter() {
- return moaSpConnectionParameter;
- }
-
- /**
- * Return a string with a url-reference to the VerifyIdentityLink trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyIdentityLink trust profile ID
- */
- public String getMoaSpIdentityLinkTrustProfileID() {
- return moaSpIdentityLinkTrustProfileID;
- }
- /**
- * Returns the transformsInfos.
- * @return String[]
- */
- public String[] getTransformsInfos() {
- return transformsInfos;
- }
-
- /**
- * Returns the identityLinkX509SubjectNames.
- * @return String[]
- */
- public String[] getIdentityLinkX509SubjectNames() {
- return identityLinkX509SubjectNames;
- }
-
- /**
- * Returns the bKUConnectionParameter.
- * @return ConnectionParameter
- */
- public ConnectionParameter getBKUConnectionParameter() {
- return bKUConnectionParameter;
- }
-
- /**
- * Returns the bKUSelectable.
- * @return boolean
- */
- public boolean isBKUSelectable() {
- return bKUSelectable;
- }
-
- /**
- * Returns the bKUSelectionType.
- * @return String
- */
- public String getBKUSelectionType() {
- return bKUSelectionType;
- }
-
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
deleted file mode 100644
index 9ee1ec606..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ /dev/null
@@ -1,93 +0,0 @@
-package at.gv.egovernment.moa.id.config.auth;
-
-/**
- * Configuration parameters belonging to an online application,
- * to use with the MOA ID Auth component.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class OAAuthParameter {
-
- /**
- * public URL prefix of the online application
- */
- private String publicURLPrefix;
- /**
- * determines whether "ZMR-Zahl" is to be included in the authentication data
- */
- private boolean provideZMRZahl;
- /**
- * determines whether AUTH block is to be included in the authentication data
- */
- private boolean provideAuthBlock;
- /**
- * determines whether identity link is to be included in the authentication data
- */
- private boolean provideIdentityLink;
-
- /**
- * Returns the provideAuthBlock.
- * @return String
- */
- public boolean getProvideAuthBlock() {
- return provideAuthBlock;
- }
-
- /**
- * Returns the provideIdentityLink.
- * @return String
- */
- public boolean getProvideIdentityLink() {
- return provideIdentityLink;
- }
-
- /**
- * Returns the provideZMRZahl.
- * @return String
- */
- public boolean getProvideZMRZahl() {
- return provideZMRZahl;
- }
-
- /**
- * Returns the publicURLPrefix.
- * @return String
- */
- public String getPublicURLPrefix() {
- return publicURLPrefix;
- }
-
- /**
- * Sets the provideAuthBlock.
- * @param provideAuthBlock The provideAuthBlock to set
- */
- public void setProvideAuthBlock(boolean provideAuthBlock) {
- this.provideAuthBlock = provideAuthBlock;
- }
-
- /**
- * Sets the provideIdentityLink.
- * @param provideIdentityLink The provideIdentityLink to set
- */
- public void setProvideIdentityLink(boolean provideIdentityLink) {
- this.provideIdentityLink = provideIdentityLink;
- }
-
- /**
- * Sets the provideZMRZahl.
- * @param provideZMRZahl The provideZMRZahl to set
- */
- public void setProvideZMRZahl(boolean provideZMRZahl) {
- this.provideZMRZahl = provideZMRZahl;
- }
-
- /**
- * Sets the publicURLPrefix.
- * @param publicURLPrefix The publicURLPrefix to set
- */
- public void setPublicURLPrefix(String publicURLPrefix) {
- this.publicURLPrefix = publicURLPrefix;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java
deleted file mode 100644
index c9a13fee5..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java
+++ /dev/null
@@ -1,145 +0,0 @@
-package at.gv.egovernment.moa.id.config.proxy;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * Holds configuration data concerning an online application for use by the MOA-ID Proxy component.
- * These include the login type (stateful or stateless), the HTTP authentication type,
- * and information needed to add authentication parameters or headers for a URL connection
- * to the remote online application.
- * @see <code>MOAIDConfiguration-1.1.xsd</code>, element <code>Configuration</code>
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class OAConfiguration {
-
- /** Constant for an login method */
- public static final String LOGINTYPE_STATEFUL = "stateful";
- /** Constant for an login method */
- public static final String LOGINTYPE_STATELESS = "stateless";
-
- /** Constant for an auth method */
- public static final String BASIC_AUTH = "basic";
- /** Constant for an auth method */
- public static final String HEADER_AUTH = "header";
- /** Constant for an auth method */
- public static final String PARAM_AUTH = "param";
-
- /** login type: stateful or stateless */
- String loginType;
- /** authentication type: basic, header, or param */
- String authType;
- /**
- * mapping of parameter names to AuthenticationData field names
- * in case of authentication type <code>"header-auth"</code>
- */
- Map paramAuthMapping;
- /**
- * mapping of parameter names to AuthenticationData field names
- * in case of authentication type <code>"param-auth"</code>
- */
- Map headerAuthMapping;
- /** mapping for user ID to be used in case of authentication type <code>"basic-auth"</code> */
- String basicAuthUserIDMapping;
- /** mapping for password to be used in case of authentication type <code>"basic-auth"</code> */
- String basicAuthPasswordMapping;
-
- /**
- * Returns the basicAuthPasswordMapping.
- * @return String
- */
- public String getBasicAuthPasswordMapping() {
- return basicAuthPasswordMapping;
- }
-
- /**
- * Returns the basicAuthUserIDMapping.
- * @return String
- */
- public String getBasicAuthUserIDMapping() {
- return basicAuthUserIDMapping;
- }
-
- /**
- * Returns the headerAuthMapping.
- * @return HashMap
- */
- public Map getHeaderAuthMapping() {
- return headerAuthMapping;
- }
-
- /**
- * Returns the loginType.
- * @return String
- */
- public String getLoginType() {
- return loginType;
- }
-
- /**
- * Returns the paramAuthMapping.
- * @return HashMap
- */
- public Map getParamAuthMapping() {
- return paramAuthMapping;
- }
-
- /**
- * Sets the basicAuthPasswordMapping.
- * @param basicAuthPasswordMapping The basicAuthPasswordMapping to set
- */
- public void setBasicAuthPasswordMapping(String basicAuthPassword) {
- this.basicAuthPasswordMapping = basicAuthPassword;
- }
-
- /**
- * Sets the basicAuthUserIDMapping.
- * @param basicAuthUserIDMapping The basicAuthUserIDMapping to set
- */
- public void setBasicAuthUserIDMapping(String basicAuthUserID) {
- this.basicAuthUserIDMapping = basicAuthUserID;
- }
-
- /**
- * Sets the headerAuthMapping.
- * @param headerAuthMapping The headerAuthMapping to set
- */
- public void setHeaderAuthMapping(HashMap headerAuth) {
- this.headerAuthMapping = headerAuth;
- }
-
- /**
- * Sets the loginType.
- * @param loginType The loginType to set
- */
- public void setLoginType(String loginType) {
- this.loginType = loginType;
- }
-
- /**
- * Sets the paramAuthMapping.
- * @param paramAuthMapping The paramAuthMapping to set
- */
- public void setParamAuthMapping(HashMap paramAuth) {
- this.paramAuthMapping = paramAuth;
- }
-
- /**
- * Returns the authType.
- * @return String
- */
- public String getAuthType() {
- return authType;
- }
-
- /**
- * Sets the authType.
- * @param authType The authType to set
- */
- public void setAuthType(String authLoginType) {
- this.authType = authLoginType;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java
deleted file mode 100644
index a16dcfa26..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java
+++ /dev/null
@@ -1,183 +0,0 @@
-package at.gv.egovernment.moa.id.config.proxy;
-
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-
-/**
- * Configuration parameters belonging to an online application,
- * to use with the MOA ID Proxy component.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class OAProxyParameter {
-
- /**
- * public URL prefix of the online application
- */
- private String publicURLPrefix;
- /**
- * URL of online application configuration file;
- * defaults to relative URL <code>/moaconfig.xml</code>
- */
- private String configFileURL;
- /**
- * implementation of {@link at.gv.egovernment.moa.id.proxy.LoginParameterResolver} interface
- * to be used for authenticating the online application;
- * defaults to {@link at.gv.egovernment.moa.id.proxy.DefaultLoginParameterResolver}
- */
- private String loginParameterResolverImpl;
-
- /**
- * Configuration Parameter of LoginParameterResolver
- */
- private String loginParameterResolverConfiguration;
-
- /**
- * implementation of {@link at.gv.egovernment.moa.id.proxy.ConnectionBuilder} interface
- * to be used for connecting to the online application;
- * defaults to {@link at.gv.egovernment.moa.id.proxy.DefaultConnectionBuilder}
- */
- private String connectionBuilderImpl;
- /**
- * session time out to be used in case of a stateless online application
- */
- private int sessionTimeOut;
- /**
- * parameters regarding the connection from the proxy to the online application
- */
- private ConnectionParameter connectionParameter;
- /**
- * parameters for logging into the online application
- */
- private OAConfiguration oaConfiguration;
-
-
- /**
- * Returns the configFileURL.
- * @return String
- */
- public String getConfigFileURL() {
- return configFileURL;
- }
-
- /**
- * Returns the sessionTimeOut.
- * @return int
- */
- public int getSessionTimeOut() {
- return sessionTimeOut;
- }
-
- /**
- * Returns the connectionParameter.
- * @return ConnectionParameter
- */
- public ConnectionParameter getConnectionParameter() {
- return connectionParameter;
- }
-
- /**
- * Sets the configFileURL.
- * @param configFileURL The configFileURL to set
- */
- public void setConfigFileURL(String oaProxyConfigFileURL) {
- this.configFileURL = oaProxyConfigFileURL;
- }
-
- /**
- * Sets the sessionTimeOut.
- * @param sessionTimeOut The sessionTimeOut to set
- */
- public void setSessionTimeOut(int oaProxySessionTimeOut) {
- this.sessionTimeOut = oaProxySessionTimeOut;
- }
-
- /**
- * Sets the connectionParameter.
- * @param connectionParameter The connectionParameter to set
- */
- public void setConnectionParameter(ConnectionParameter proxyConnectionParameter) {
- this.connectionParameter = proxyConnectionParameter;
- }
-
- /**
- * Returns the publicURLPrefix.
- * @return String
- */
- public String getPublicURLPrefix() {
- return publicURLPrefix;
- }
-
- /**
- * Sets the publicURLPrefix.
- * @param publicURLPrefix The publicURLPrefix to set
- */
- public void setPublicURLPrefix(String url) {
- this.publicURLPrefix = url;
- }
-
- /**
- * Returns the connectionBuilderImpl.
- * @return String
- */
- public String getConnectionBuilderImpl() {
- return connectionBuilderImpl;
- }
-
- /**
- * Returns the loginParameterResolverImpl.
- * @return String
- */
- public String getLoginParameterResolverImpl() {
- return loginParameterResolverImpl;
- }
-
- /**
- * Returns the loginParameterResolverConfiguration.
- * @return String
- */
- public String getLoginParameterResolverConfiguration() {
- return loginParameterResolverConfiguration;
- }
-
- /**
- * Sets the connectionBuilderImpl.
- * @param connectionBuilderImpl The connectionBuilderImpl to set
- */
- public void setConnectionBuilderImpl(String connectionBuilderImp) {
- this.connectionBuilderImpl = connectionBuilderImp;
- }
-
- /**
- * Sets the loginParameterResolverImpl.
- * @param loginParameterResolverImpl The loginParameterResolverImpl to set
- */
- public void setLoginParameterResolverImpl(String loginParameterResolverImpl) {
- this.loginParameterResolverImpl = loginParameterResolverImpl;
- }
-
- /**
- * Sets the loginParameterResolverConfiguration.
- * @param loginParameterResolverImpl The loginParameterResolverImpl to set
- */
- public void setLoginParameterResolverConfiguration(String loginParameterResolverConfiguration) {
- this.loginParameterResolverConfiguration = loginParameterResolverConfiguration;
- }
-
- /**
- * Returns the oaConfiguration.
- * @return OAConfiguration
- */
- public OAConfiguration getOaConfiguration() {
- return oaConfiguration;
- }
-
- /**
- * Sets the oaConfiguration.
- * @param oaConfiguration The oaConfiguration to set
- */
- public void setOaConfiguration(OAConfiguration oaConfiguration) {
- this.oaConfiguration = oaConfiguration;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
deleted file mode 100644
index 622ae6f82..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
+++ /dev/null
@@ -1,193 +0,0 @@
-package at.gv.egovernment.moa.id.config.proxy;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.MalformedURLException;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.config.ConfigurationBuilder;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * A class providing access to the Proxy Part of the MOA-ID configuration data.
- *
- * <p>Configuration data is read from an XML file, whose location is given by
- * the <code>moa.id.configuration</code> system property.</p>
- * <p>This class implements the Singleton pattern. The <code>reload()</code>
- * method can be used to update the configuration data. Therefore, it is not
- * guaranteed that consecutive calls to <code>getInstance()</code> will return
- * the same <code>ProxyConfigurationProvider</code> all the time. During the
- * processing of a web service request, the current
- * <code>TransactionContext</code> should be used to obtain the
- * <code>ProxyConfigurationProvider</code> local to that request.</p>
- *
- * @author Stefan Knirsch
- */
-public class ProxyConfigurationProvider extends ConfigurationProvider {
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static ProxyConfigurationProvider instance;
-
- /**
- * main configuration file directory name used to configure MOA-ID
- */
- private String rootConfigFileDir;
-
- //
- // configuration data
- //
- /**
- * connection parameters for connection to MOA ID Auth component
- */
- private ConnectionParameter authComponentConnectionParameter;
- /**
- * configuration parameters for online applications
- */
- private OAProxyParameter[] onlineApplicationProxyParameter;
-
- /**
- * Return the single instance of configuration data.
- *
- * @return ProxyConfigurationProvider The current configuration data.
- * @throws ConfigurationException
- */
- public static synchronized ProxyConfigurationProvider getInstance()
- throws ConfigurationException {
-
- if (instance == null) {
- reload();
- }
- return instance;
- }
-
- /**
- * Reload the configuration data and set it if successful.
- *
- * @return ProxyConfigurationProvider The loaded configuration data.
- * @throws ConfigurationException Failure to load the configuration data.
- */
- public static synchronized ProxyConfigurationProvider reload()
- throws ConfigurationException {
- String fileName = System.getProperty(CONFIG_PROPERTY_NAME);
- if (fileName == null) {
- throw new ConfigurationException("config.01", null);
- }
- Logger.info("Loading MOA-ID-PROXY configuration " + fileName);
-
- instance = new ProxyConfigurationProvider(fileName);
- return instance;
- }
-
- /**
- * Constructor for ProxyConfigurationProvider.
- */
- public ProxyConfigurationProvider(String fileName)
- throws ConfigurationException {
-
- load(fileName);
- }
-
- /**
- * Load the configuration data from XML file with the given name and build
- * the internal data structures representing the MOA configuration.
- *
- * @param fileName The name of the XML file to load.
- * @throws ConfigurationException The MOA configuration could not be
- * read/built.
- */
- private void load(String fileName) throws ConfigurationException {
- FileInputStream stream = null;
- Element configElem;
- ConfigurationBuilder builder;
-
- try {
- // load the main config file
- stream = new FileInputStream(fileName);
- configElem = DOMUtils.parseXmlValidating(stream);
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.03", null, t);
- }
- finally {
- try {
- if (stream != null) {
- stream.close();
- }
- }
- catch (IOException e) {
- }
- }
- try {
- // determine the directory of the root config file
- rootConfigFileDir = new File(fileName).getParent();
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
- } catch (MalformedURLException t) {
- throw new ConfigurationException("config.03", null, t);
- }
-
- // build the internal datastructures
- builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
- authComponentConnectionParameter = builder.buildAuthComponentConnectionParameter();
-
- onlineApplicationProxyParameter = builder.buildOnlineApplicationProxyParameters();
- for(int i = 0; i < onlineApplicationProxyParameter.length; i++) {
- onlineApplicationProxyParameter[i].setConfigFileURL(FileUtils.makeAbsoluteURL(onlineApplicationProxyParameter[i].getConfigFileURL(), rootConfigFileDir));
- }
-
- genericConfiguration = builder.buildGenericConfiguration();
- defaultChainingMode = builder.getDefaultChainingMode();
- chainingModes = builder.buildChainingModes();
- trustedCACertificates = builder.getTrustedCACertificates();
- trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir);
-
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.02", null, t);
- }
- }
-
- /**
- * Return a bean containing all information about the ProxyComponent
- * @return The ConnectionParameter for the Proxy Component
- */
- public ConnectionParameter getAuthComponentConnectionParameter() {
- return authComponentConnectionParameter;
- }
-
- /**
- * Build an array of OnlineApplication Parameter Beans containing all
- * information about the proxy component of the online application
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the proxy component of the online
- * application
- */
- public OAProxyParameter[] getOnlineApplicationParameters() {
- return onlineApplicationProxyParameter;
- }
- /**
- * Provides configuration information regarding the online application behind
- * the given URL, relevant to the MOA-ID Proxy component.
- *
- * @param oaURL URL requested for an online application
- * @return an <code>OAProxyParameter</code>, or <code>null</code>
- * if none is applicable
- */
- public OAProxyParameter getOnlineApplicationParameter(String oaURL) {
- OAProxyParameter[] oaParams = getOnlineApplicationParameters();
- for (int i = 0; i < oaParams.length; i++) {
- OAProxyParameter oaParam = oaParams[i];
- if (oaURL.startsWith(oaParam.getPublicURLPrefix()))
- return oaParam;
- }
- return null;
- }
-
-} \ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java
deleted file mode 100644
index aac1dc422..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java
+++ /dev/null
@@ -1,314 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-
-import java.util.Date;
-
-/**
- * Encapsulates authentication data contained in a <code>&lt;saml:Assertion&gt;</code>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-
-public class AuthenticationData {
- /**
- * major version number of the SAML assertion
- */
- private int majorVersion;
- /**
- * minor version number of the SAML assertion
- */
- private int minorVersion;
- /**
- * identifier for this assertion
- */
- private String assertionID;
- /**
- * URL of the MOA-ID Auth component issueing this assertion
- */
- private String issuer;
- /**
- * time instant of issue of this assertion
- */
- private String issueInstant;
- /**
- * user identification (ZMR-Zahl); <code>null</code>,
- * if the authentication module is configured not to return this data
- */
- private String identificationValue;
- /**
- * application specific user identifier (VPK)
- */
- private String vpk;
- /**
- * given name of the user
- */
- private String givenName;
- /**
- * family name of the user
- */
- private String familyName;
- /**
- * date of birth of the user
- */
- private String dateOfBirth;
- /**
- * says whether the certificate is a qualified certificate or not
- */
- private boolean qualifiedCertificate;
- /**
- * says whether the certificate is a public authority or not
- */
- private boolean publicAuthority;
- /**
- * public authority code (Beh&ouml;rdenkennzeichen - BKZ)
- */
- private String publicAuthorityCode;
- /**
- * the corresponding <code>lt;saml:Assertion&gt;</code>
- */
- private String samlAssertion;
- /**
- * creation timestamp
- */
- Date timestamp;
-
- /**
- * Constructor for AuthenticationData.
- */
- public AuthenticationData() {
- timestamp = new Date();
- }
-
- /**
- * Returns the minorVersion.
- * @return int
- */
- public int getMinorVersion() {
- return minorVersion;
- }
-
- /**
- * Returns the publicAuthority.
- * @return boolean
- */
- public boolean isPublicAuthority() {
- return publicAuthority;
- }
-
- /**
- * Returns the publicAuthorityCode.
- * @return String
- */
- public String getPublicAuthorityCode() {
- return publicAuthorityCode;
- }
-
- /**
- * Returns the qualifiedCertificate.
- * @return boolean
- */
- public boolean isQualifiedCertificate() {
- return qualifiedCertificate;
- }
-
- /**
- * Returns the vpk.
- * @return String
- */
- public String getVPK() {
- return vpk;
- }
-
- /**
- * Sets the minorVersion.
- * @param minorVersion The minorVersion to set
- */
- public void setMinorVersion(int minorVersion) {
- this.minorVersion = minorVersion;
- }
-
- /**
- * Sets the publicAuthority.
- * @param publicAuthority The publicAuthority to set
- */
- public void setPublicAuthority(boolean publicAuthority) {
- this.publicAuthority = publicAuthority;
- }
-
- /**
- * Sets the publicAuthorityCode.
- * @param publicAuthorityCode The publicAuthorityCode to set
- */
- public void setPublicAuthorityCode(String publicAuthorityIdentification) {
- this.publicAuthorityCode = publicAuthorityIdentification;
- }
-
- /**
- * Sets the qualifiedCertificate.
- * @param qualifiedCertificate The qualifiedCertificate to set
- */
- public void setQualifiedCertificate(boolean qualifiedCertificate) {
- this.qualifiedCertificate = qualifiedCertificate;
- }
-
- /**
- * Sets the vpk.
- * @param vpk The vpk to set
- */
- public void setVPK(String vpk) {
- this.vpk = vpk;
- }
-
- /**
- * Returns the assertionID.
- * @return String
- */
- public String getAssertionID() {
- return assertionID;
- }
-
- /**
- * Returns the dateOfBirth.
- * @return String
- */
- public String getDateOfBirth() {
- return dateOfBirth;
- }
-
- /**
- * Returns the familyName.
- * @return String
- */
- public String getFamilyName() {
- return familyName;
- }
-
- /**
- * Returns the givenName.
- * @return String
- */
- public String getGivenName() {
- return givenName;
- }
-
- /**
- * Returns the identificationValue.
- * @return String
- */
- public String getIdentificationValue() {
- return identificationValue;
- }
-
- /**
- * Returns the issueInstant.
- * @return String
- */
- public String getIssueInstant() {
- return issueInstant;
- }
-
- /**
- * Returns the issuer.
- * @return String
- */
- public String getIssuer() {
- return issuer;
- }
-
- /**
- * Returns the majorVersion.
- * @return int
- */
- public int getMajorVersion() {
- return majorVersion;
- }
-
- /**
- * Sets the assertionID.
- * @param assertionID The assertionID to set
- */
- public void setAssertionID(String assertionID) {
- this.assertionID = assertionID;
- }
-
- /**
- * Sets the dateOfBirth.
- * @param dateOfBirth The dateOfBirth to set
- */
- public void setDateOfBirth(String dateOfBirth) {
- this.dateOfBirth = dateOfBirth;
- }
-
- /**
- * Sets the familyName.
- * @param familyName The familyName to set
- */
- public void setFamilyName(String gamilyName) {
- this.familyName = gamilyName;
- }
-
- /**
- * Sets the givenName.
- * @param givenName The givenName to set
- */
- public void setGivenName(String givenName) {
- this.givenName = givenName;
- }
-
- /**
- * Sets the identificationValue.
- * @param identificationValue The identificationValue to set
- */
- public void setIdentificationValue(String identificationValue) {
- this.identificationValue = identificationValue;
- }
-
- /**
- * Sets the issueInstant.
- * @param issueInstant The issueInstant to set
- */
- public void setIssueInstant(String issueInstant) {
- this.issueInstant = issueInstant;
- }
-
- /**
- * Sets the issuer.
- * @param issuer The issuer to set
- */
- public void setIssuer(String issuer) {
- this.issuer = issuer;
- }
-
- /**
- * Sets the majorVersion.
- * @param majorVersion The majorVersion to set
- */
- public void setMajorVersion(int majorVersion) {
- this.majorVersion = majorVersion;
- }
-
- /**
- * Returns the samlAssertion.
- * @return String
- */
- public String getSamlAssertion() {
- return samlAssertion;
- }
-
- /**
- * Sets the samlAssertion.
- * @param samlAssertion The samlAssertion to set
- */
- public void setSamlAssertion(String samlAssertion) {
- this.samlAssertion = samlAssertion;
- }
-
- /**
- * Returns the timestamp.
- * @return Date
- */
- public Date getTimestamp() {
- return timestamp;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java b/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java
deleted file mode 100644
index 5729e54c3..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java
+++ /dev/null
@@ -1,119 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.StringTokenizer;
-
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * The Cookie-class provides methods to save and return cookies for
- * each single session
- *
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class Cookie {
- /** A HahsMap containing all our cookies */
- HashMap cookies = new HashMap();
- /** A HashMap to temporarely store 'Set-Cookie' values from the OnlineApplication
- * to send them back to the client/browser as soon as possible */
- HashMap cookies401 = new HashMap();
-
- /**
- * Adds a Cookie from a response with response-code 401 to the cookie-pool
- * for sending it back to the browser / client
- * @param String: the complete 'Set-Cookie' - String
- */
- public void add401(String cookieString)
- {
- cookies401.put(getKey(cookieString),cookieString);
- }
-
- /**
- * Get the HashMap containing all cookies to be sent to the browser / client
- * @return HashMap with all cookies
- */
- public HashMap get401()
- {
- return cookies401;
- }
-
- /**
- * Clear the 401 cookie-pool
- */
- public void clear401()
- {
- cookies401.clear();
- }
-
- /**
- * Set a cookie that comes from the Online-Application
- * and save it in our "normal" cookie-pool
- * @param String the complete "Set-Cookie" - String from the Online-Application
- */
- public void setCookie(String value) {
- cookies.put(getKey(value), getValue(value));
- }
-
- /**
- * Method saveOldCookies.
- * @param String the complete "Set-Cookie" - String from the Online-Application
- */
- public void saveOldCookies(String value) {
- StringTokenizer st = new StringTokenizer(value,";");
- while (st.hasMoreTokens())
- {
- // We have to trim because the Tokenizer returns cookies including spaces at the beginning
- StringTokenizer st2 = new StringTokenizer(st.nextToken().trim(),"=");
- String cookieKey = st2.nextToken().trim();
- if (st2.hasMoreTokens())
- {
- String cookieValue = st2.nextToken().trim();
- if (!cookies.containsKey(cookieKey))
- cookies.put(cookieKey , cookieValue);
- }
- }
- Logger.debug("Found these cookies: " + getCookies());
- }
-
- /**
- * Get a String containing all cookies saved in that session seperated by '; '
- * to be sent back to the Online-Application
- * @return String containing all cookies saved in that session seperated by '; '
- */
- public String getCookies() {
- String result = "";
- if (cookies.size()==0)
- return null;
- Iterator i = cookies.keySet().iterator();
- while (i.hasNext()) {
- String key = (String) i.next();
- result += key + "=" + (String)cookies.get(key) + "; ";
- }
- return result.substring(0, result.length() - 2);
- }
-
- /**
- * Returns the key of a key-value-pair of a cookie
- * getKey("CookieA=1234") returns CookieA
- * @param String the complete "Set-cookie" String containing a key-value-pair of a cookie
- * @return String the key of a key-value-pair of a cookie
- */
- private String getKey(String input) {
- return input.substring(0, input.indexOf("="));
- }
-
- /**
- * Returns the value of a key-value-pair of a cookie
- * getKey("CookieA=1234") returns 1234
- * @param String the complete "Set-cookie" String containing a key-value-pair of a cookie
- * @return String the value of a key-value-pair of a cookie
- */
- private String getValue(String input) {
- if (input.indexOf(";") == -1)
- return input.substring(input.indexOf("=") + 1, input.getBytes().length);
- return input.substring(input.indexOf("=") + 1, input.indexOf(";"));
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java b/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java
deleted file mode 100644
index 98f84c429..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java
+++ /dev/null
@@ -1,114 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-
-import java.util.HashMap;
-
-/**
- * The CookieManager is a singleton to manage a Cookie-Object for
- * each session
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class CookieManager {
- /** the singleton instance of the CookieManager */
- private static CookieManager instance;
- /** a HashMap to bind a Cookie-object to every single session*/
- private static HashMap cookies = new HashMap();
-
- /**
- * Create a singleton of the CookieManager
- * @return CookieManager
- */
- public static CookieManager getInstance()
- {
- if(instance==null) instance=new CookieManager();
- return instance;
- }
-
- /**
- * Save a cookie to a specified session-id
- * @param String id the session id
- * @param String cookie_string - the complete 'Set-Cookie' String from the OnlineApplication
- */
- public void saveCookie(String id,String cookie_string)
- {
- getCookieWithID(id).setCookie(cookie_string);
- }
-
- /**
- * Method saveOldCookies.
- * @param id
- * @param cookie_string
- */
- public void saveOldCookies(String id,String cookie_string)
- {
- getCookieWithID(id).saveOldCookies(cookie_string);
- }
-
- /**
- * Get a Cookie-Object for a specified session-id
- * @param String id the session id
- * @return Cookie object containing all saved cookies for this session
- */
- public Cookie getCookieWithID(String id)
- {
- Cookie c = null;
- if(cookies.containsKey(id))
- c = (Cookie)cookies.get(id);
- else
- {
- c = new Cookie();
- cookies.put(id,c);
- }
- return c;
- }
-
-
- /**
- * Get a String containing all cookies of a specified session-id
- * saved in that session seperated by '; ' to be sent back to
- * the Online-Application
- * @param id the session-id
- * @return String containing all cookies saved in that session seperated by '; '
- */
- public String getCookie(String id)
- {
- Cookie result = (Cookie)cookies.get((String)id);
- if (result==null)
- return null;
- return result.getCookies();
-
- }
-
- /**
- * Adds a Cookie for a special session from a response with
- * response-code 401 to the cookie-pool for sending it back
- * to the browser / client
- * @param id the session-id
- * @param String: the complete 'Set-Cookie' - String
- */
- public void add401(String id,String value)
- {
- getCookieWithID(id).add401(value);
- }
-
- /**
- * Clear the 401 cookie-pool of a session
- * @param id the session-id
- */
- public void clear401(String id)
- {
- getCookieWithID(id).clear401();
- }
-
- /**
- * Get the HashMap containing all cookies of a session to be sent to the browser / client
- * @param id the session-id
- * @return HashMap with all cookies
- */
- public HashMap get401(String id)
- {
- return getCookieWithID(id).get401();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java b/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java
deleted file mode 100644
index a47dd8b29..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java
+++ /dev/null
@@ -1,111 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-
-import java.math.BigInteger;
-import java.security.Principal;
-
-import iaik.asn1.structures.Name;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
-/**
- * A class containing the issuer and serial number of a certificate, which can
- * be used to uniquely identify the certificate.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class IssuerAndSerial {
- /** store the issuer as String*/
- private String issuerDN;
- /** store the serial as BigInteger*/
- private BigInteger serial;
-
- /**
- * Create an <code>IssuerAndSerial</code> object.
- *
- * The name of the issuer is converted to RFC2253. If it cannot be parsed, the
- * DN contained in the <code>issuer</code> is set.
- *
- * @param issuer The isser of a certificate.
- * @param serial The serial number of the certificate.
- */
- public IssuerAndSerial(Principal issuer, BigInteger serial) {
- RFC2253NameParser parser = new RFC2253NameParser(issuer.getName());
-
- try {
- this.issuerDN = ((Name) parser.parse()).getRFC2253String();
- } catch (RFC2253NameParserException e) {
- this.issuerDN = issuer.getName();
- }
- this.serial = serial;
- }
-
- /**
- * Create an <code>IssuerAndSerial</code> object.
- *
- * @param issuerDN The issuer distinguished name. Should be an RFC2253 name.
- * @param serial The serial number of the certificate.
- */
- public IssuerAndSerial(String issuerDN, BigInteger serial) {
- this.issuerDN = issuerDN;
- this.serial = serial;
- }
-
- /**
- * Return the issuer DN in RFC2253 format.
- *
- * @return The issuer part of this object.
- */
- public String getIssuerDN() {
- return issuerDN;
- }
-
- /**
- * Return the serial number.
- *
- * @return The serial number of this object.
- */
- public BigInteger getSerial() {
- return serial;
- }
-
- /**
- * Compare this <code>IssuerAndSerial</code> to another object.
- *
- * @return <code>true</code>, if <code>other</code> is an
- * <code>IssuerAndSerial</code> object and the <code>issuer</code> and
- * <code>serial</code> fields are both equal. <code>false</code> otherwise.
- * @see java.lang.Object#equals(java.lang.Object)
- */
- public boolean equals(Object other) {
- if (other instanceof IssuerAndSerial) {
- IssuerAndSerial ias = (IssuerAndSerial) other;
- return getIssuerDN().equals(ias.getIssuerDN())
- && getSerial().equals(ias.getSerial());
- }
- return false;
- }
-
- /**
- * Return the hash code of this <code>IssuerAndSerial</code>.
- *
- * @return The hash code of this <code>IssuerAndSerial</code>.
- * @see java.lang.Object#hashCode()
- */
- public int hashCode() {
- return issuerDN.hashCode() ^ serial.hashCode();
- }
-
- /**
- * Return a <code>String</code> representation of this
- * <code>IssuerAndSerial</code> object.
- *
- * @return The <code>String</code> representation.
- * @see java.lang.Object#toString()
- */
- public String toString() {
- return ("(IssuerAndSerial - Issuer<" + getIssuerDN())
- + ("> Serial<" + serial.toString() + ">)");
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java b/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java
deleted file mode 100644
index ed61827b6..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-
-/**
- * Data contained in a <code>&lt;samlp:Status&gt;</code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLStatus {
-
- /** main status code */
- private String statusCode;
- /** sub status code */
- private String subStatusCode;
- /** status message */
- private String statusMessage;
-
- /**
- * @return status code
- */
- public String getStatusCode() {
- return statusCode;
- }
-
- /**
- * @return status message
- */
- public String getStatusMessage() {
- return statusMessage;
- }
-
- /**
- * @return enclosed sub-status code
- */
- public String getSubStatusCode() {
- return subStatusCode;
- }
-
- /**
- * @param string the status code
- */
- public void setStatusCode(String string) {
- statusCode = string;
- }
-
- /**
- * @param string the status message
- */
- public void setStatusMessage(String string) {
- statusMessage = string;
- }
-
- /**
- * @param string the enclosed sub-status code
- */
- public void setSubStatusCode(String string) {
- subStatusCode = string;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
deleted file mode 100644
index 421286876..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import java.io.File;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl;
-import iaik.pki.store.certstore.CertStoreConfiguration;
-import iaik.pki.store.certstore.CertStoreParameters;
-import iaik.pki.store.certstore.CertStoreTypes;
-import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
-
-/**
- * Implementation of interface needed to initialize an IAIK JSSE <code>TrustManager</code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class CertStoreConfigurationImpl extends ObservableImpl
- implements CertStoreConfiguration, DirectoryCertStoreParameters {
- /** identifies the rootDirectory */
- private String rootDirectory;
- /** Array for storing all CertStoreParameters */
- private CertStoreParameters[] parameters;
-
- /**
- * Create a new <code>CertStoreConfigurationImpl</code>.
- *
- * @param conf The MOA configuration from which the configuration data is
- * @throws ConfigurationException an any config-error
- * being read.
- */
- public CertStoreConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException {
- String paramName = ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY;
- String rootDirParam = conf.getGenericConfigurationParameter(paramName);
- if (rootDirParam == null)
- throw new ConfigurationException(
- "config.08", new Object[] {paramName});
- File f = new File(rootDirParam);
- if (f.isDirectory())
- rootDirectory = f.getAbsolutePath();
- else
- throw new ConfigurationException(
- "config.05", new Object[] {paramName});
-
- parameters = new CertStoreParameters[] { this };
- }
-
- /**
- * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters()
- */
- public CertStoreParameters[] getParameters() {
- return parameters;
- }
-
- /**
- * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory()
- */
- public String getRootDirectory() {
- return rootDirectory;
- }
-
- /**
- * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew()
- */
- public boolean createNew() {
- return false;
- }
-
- /**
- * @see iaik.pki.store.certstore.CertStoreParameters#getId()
- */
- public String getId() {
- return "MOA ID Directory CertStore";
- }
-
- /**
- * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly()
- */
- public boolean isReadOnly() {
- return false;
- }
-
- /**
- * @return <code>CertStoreTypes.DIRECTORY</code>
- * @see iaik.pki.store.certstore.CertStoreParameters#getType()
- */
- public String getType() {
- return CertStoreTypes.DIRECTORY;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/LoggerConfigImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/LoggerConfigImpl.java
deleted file mode 100644
index 3cd02a2b5..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/LoggerConfigImpl.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import iaik.logging.LogConfigurationException;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URL;
-import java.util.Properties;
-
-/**
- * Implementation of interface <needed to initialize an IAIK JSSE <code>TrustManager</code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class LoggerConfigImpl implements iaik.logging.LoggerConfig {
-
- /** logging properties **/
- private Properties loggingProperties;
-
- /**
- * Constructor
- */
- public LoggerConfigImpl(String propertyFileURL) throws IOException {
- InputStream in = new URL(propertyFileURL).openStream();
- loggingProperties = new Properties();
- loggingProperties.load(in);
- in.close();
- }
-
- /**
- * @see iaik.logging.LoggerConfig#getFactory()
- */
- public String getFactory() {
- return "iaik.logging.impl.Log4jFactory";
- }
-
- /**
- * @see iaik.logging.LoggerConfig#getProperties()
- */
- public Properties getProperties() throws LogConfigurationException {
- return loggingProperties;
- }
-
- /**
- * @see iaik.logging.LoggerConfig#getNodeId()
- */
- public String getNodeId() {
- return "iaik";
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java
deleted file mode 100644
index 8d09e2bc9..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java
+++ /dev/null
@@ -1,65 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import iaik.pki.PKIConfiguration;
-import iaik.pki.pathvalidation.ValidationConfiguration;
-import iaik.pki.revocation.RevocationConfiguration;
-import iaik.pki.store.certstore.CertStoreConfiguration;
-import iaik.pki.store.revocation.archive.ArchiveConfiguration;
-
-/**
- * Implementation of interface <code>PKIConfiguration</code> needed to
- * initialize an IAIK JSSE <code>TrustManager</code>
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class PKIConfigurationImpl implements PKIConfiguration {
- /** The configuration for the CertStore */
- private CertStoreConfiguration certStoreConfiguration;
- /** The configuration for the RevocationChecks */
- private RevocationConfiguration revocationConfiguration;
- /** The configuration for the Validation */
- private ValidationConfiguration validationConfiguration;
-
- /**
- * Constructor
- * @param conf the Configuration for the PKIConfig
- * @throws ConfigurationException for any config error
- */
- public PKIConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException {
- certStoreConfiguration = new CertStoreConfigurationImpl(conf);
- revocationConfiguration = new RevocationConfigurationImpl();
- validationConfiguration = new ValidationConfigurationImpl(conf);
- }
-
- /**
- * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration()
- */
- public CertStoreConfiguration getCertStoreConfiguration() {
- return certStoreConfiguration;
- }
-
- /**
- * @see iaik.pki.PKIConfiguration#getRevocationConfiguration()
- */
- public RevocationConfiguration getRevocationConfiguration() {
- return revocationConfiguration;
- }
-
- /**
- * @see iaik.pki.PKIConfiguration#getArchiveConfiguration()
- */
- public ArchiveConfiguration getArchiveConfiguration() {
- return null;
- }
-
- /**
- * @see iaik.pki.PKIConfiguration#getValidationConfiguration()
- */
- public ValidationConfiguration getValidationConfiguration() {
- return validationConfiguration;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/RevocationConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/RevocationConfigurationImpl.java
deleted file mode 100644
index c583babdc..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/RevocationConfigurationImpl.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import iaik.pki.revocation.RevocationConfiguration;
-
-import java.security.cert.X509Certificate;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Set;
-
-import at.gv.egovernment.moa.id.iaik.servertools.observer.*;
-
-/**
- * Implementation of interface needed to initialize an IAIK JSSE <code>TrustManager</code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class RevocationConfigurationImpl extends ObservableImpl implements RevocationConfiguration {
-
- /**
- * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints(java.security.cert.X509Certificate, java.util.Date)
- */
- public Set getAlternativeDistributionPoints(
- X509Certificate arg0,
- Date arg1) {
- return Collections.EMPTY_SET;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String, java.lang.String)
- */
- public boolean archiveRevocationInfo(String arg0, String arg1) {
- return false;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/ValidationConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/ValidationConfigurationImpl.java
deleted file mode 100644
index c500e2e8e..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/ValidationConfigurationImpl.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import iaik.pki.pathvalidation.ValidationConfiguration;
-
-import java.security.cert.X509Certificate;
-import java.security.spec.AlgorithmParameterSpec;
-
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl;
-
-/**
- * Implementation of interface needed to initialize an IAIK JSSE <code>TrustManager</code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ValidationConfigurationImpl extends ObservableImpl
- implements ValidationConfiguration {
- /** The ConfigurationProvider for the validation*/
- private ConfigurationProvider conf;
-
- /**
- * Constructor
- * @param conf with the configuration
- */
- public ValidationConfigurationImpl(ConfigurationProvider conf) {
- this.conf = conf;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationConfiguration#getChainingMode(java.security.cert.X509Certificate)
- */
- public String getChainingMode(X509Certificate trustAnchor) {
- String chainingMode = conf.getChainingMode(trustAnchor);
- return chainingMode;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsSpec(java.security.cert.X509Certificate)
- */
- public AlgorithmParameterSpec getPublicKeyParamsAsSpec(X509Certificate arg0) {
- return null;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsCert(java.security.cert.X509Certificate)
- */
- public X509Certificate getPublicKeyParamsAsCert(X509Certificate arg0) {
- return null;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/pki/PKIProfileImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/pki/PKIProfileImpl.java
deleted file mode 100644
index 4d309c18c..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/pki/PKIProfileImpl.java
+++ /dev/null
@@ -1,166 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.pki;
-
-import java.security.cert.X509Certificate;
-import java.util.Collections;
-import java.util.Set;
-
-import iaik.pki.PKIProfile;
-import iaik.pki.pathvalidation.ValidationProfile;
-import iaik.pki.revocation.RevocationProfile;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.pki.store.truststore.TrustStoreProfile;
-import iaik.pki.store.truststore.TrustStoreTypes;
-
-import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl;
-
-/**
- * Implementation of the <code>PKIProfile</code> interface and subinterfaces
- * providing information needed for certificate path validation.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class PKIProfileImpl extends ObservableImpl
- implements PKIProfile, RevocationProfile, TrustStoreProfile, ValidationProfile {
-
- /**
- * URI to the truststore
- */
- private String trustStoreURI;
-
- /**
- * revocation checking;
- */
- private boolean revocationChecking;
-
-
- /**
- * Create a new <code>PKIProfileImpl</code>.
- *
- * @param trustStoreURI trust store URI
- */
- public PKIProfileImpl(String trustStoreURI, boolean revocationChecking) {
- this.trustStoreURI = trustStoreURI;
- this.revocationChecking = revocationChecking;
- }
-
- /**
- * @see iaik.pki.PKIProfile#autoAddCertificates()
- */
- public boolean autoAddCertificates() {
- return true;
- }
-
- /**
- * @see iaik.pki.PKIProfile#getRevocationProfile()
- */
- public RevocationProfile getRevocationProfile() {
- return this;
- }
-
- /**
- * @see iaik.pki.PKIProfile#getTrustStoreProfile()
- */
- public TrustStoreProfile getTrustStoreProfile() {
- return this;
- }
-
- /**
- * @see iaik.pki.PKIProfile#getValidationProfile()
- */
- public ValidationProfile getValidationProfile() {
- return this;
- }
-
- /**
- * @see iaik.pki.PKIProfile#useAuthorityInfoAccess()
- */
- public boolean useAuthorityInfoAccess() {
- return true;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(java.lang.String)
- */
- public long getMaxRevocationAge(String arg0) {
- return 0;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm()
- */
- public String getOCSPRequestHashAlgorithm() {
- return null;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate)
- */
- public String[] getPreferredServiceOrder(X509Certificate arg0) {
- return new String[] {RevocationSourceTypes.CRL};
- }
-
- /**
- * @see iaik.pki.store.truststore.TrustStoreProfile#getType()
- */
- public String getType() {
- return TrustStoreTypes.DIRECTORY;
- }
-
- /**
- * @see iaik.pki.store.truststore.TrustStoreProfile#getURI()
- */
- public String getURI() {
- return trustStoreURI;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getInitialAnyPolicyInhibit()
- */
- public boolean getInitialAnyPolicyInhibit() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getInitialExplicitPolicy()
- */
- public boolean getInitialExplicitPolicy() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicyMappingInhibit()
- */
- public boolean getInitialPolicyMappingInhibit() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicySet()
- */
- public Set getInitialPolicySet() {
- return Collections.EMPTY_SET;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getNameConstraintsProcessing()
- */
- public boolean getNameConstraintsProcessing() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getPolicyProcessing()
- */
- public boolean getPolicyProcessing() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getRevocationChecking()
- */
- public boolean getRevocationChecking() {
- return this.revocationChecking;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java b/id.server/src/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java
deleted file mode 100644
index 9da006d35..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java
+++ /dev/null
@@ -1,119 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.pki.jsse;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
-
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
-
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-/**
- * <code>TrustManager</code> implementation featuring CRL checking (inherited from
- * <code>IAIKX509TrustManager</code>), plus server-end-SSL-certificate checking.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDTrustManager extends IAIKX509TrustManager {
-
- /** an x509Certificate array containing all accepted server certificates*/
- private X509Certificate[] acceptedServerCertificates;
-
- /**
- * Constructor
- * @param acceptedServerCertificateStoreURL the url leading to the acceptedServer cert store
- * @throws GeneralSecurityException occurs on security errors
- * @throws IOException occurs on IO errors
- */
- public MOAIDTrustManager(String acceptedServerCertificateStoreURL)
- throws IOException, GeneralSecurityException {
-
- if (acceptedServerCertificateStoreURL != null)
- buildAcceptedServerCertificates(acceptedServerCertificateStoreURL);
- else
- acceptedServerCertificates = null;
- }
-
-
- /**
- * Initializes the LoggingContextManager logging context.
- * Fixes a bug occuring in the case MOA-SP is called by API.
- * In this case, IAIKX509TrustManager uses the LogginConfig of MOA-SP.
- * This method must be called before a MOAIDTrustManager is constructed,
- * from every thread.
- */
- public static void initializeLoggingContext() {
- if (LoggingContextManager.getInstance().getLoggingContext() == null)
- LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext(Thread.currentThread().getName()));
- }
-
-
- /**
- * Builds an Array of accepted server certificates from an URL,
- * and stores it in <code>acceptedServerCertificates</code>.
- * @param acceptedServerCertificateStoreURL file URL pointing to the directory
- * containing accepted server X509 certificates
- * @throws GeneralSecurityException on security errors
- * @throws IOException on any IO errors
- */
- private void buildAcceptedServerCertificates(String acceptedServerCertificateStoreURL)
- throws IOException, GeneralSecurityException {
-
- List certList = new ArrayList();
- URL storeURL = new URL(acceptedServerCertificateStoreURL);
- File storeDir = new File(storeURL.getFile());
- // list certificate files in directory
- File[] certFiles = storeDir.listFiles();
- for (int i = 0; i < certFiles.length; i++) {
- // for each: create an X509Certificate and store it in list
- File certFile = certFiles[i];
- FileInputStream fis = new FileInputStream(certFile.getPath());
- CertificateFactory certFact = CertificateFactory.getInstance("X.509");
- X509Certificate cert = (X509Certificate)certFact.generateCertificate(fis);
- fis.close();
- certList.add(cert);
- }
- // store acceptedServerCertificates
- acceptedServerCertificates = (X509Certificate[]) certList.toArray(new X509Certificate[0]);
- }
-
- /**
- * Does additional server-end-SSL-certificate checking.
- * @see com.sun.net.ssl.X509TrustManager#isServerTrusted(java.security.cert.X509Certificate[])
- */
- public boolean isServerTrusted(X509Certificate[] certChain) {
- boolean trusted = super.isServerTrusted(certChain);
- if (! trusted || acceptedServerCertificates == null)
- return trusted;
- else {
- // check server-end-SSL-certificate with acceptedServerCertificates
- X509Certificate serverCert = certChain[0];
- for (int i = 0; i < acceptedServerCertificates.length; i++) {
- X509Certificate acceptedServerCert = acceptedServerCertificates[i];
- if (serverCert.equals(acceptedServerCert))
- return true;
- }
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage("ssl.01", null));
- return false;
- }
- }
- /**
- * In rare cases, this method is being called although it should not be.
- * @see com.sun.net.ssl.X509TrustManager#isClientTrusted(X509Certificate[])
- */
- public boolean isClientTrusted(java.security.cert.X509Certificate arg0[])
- {
- return true;
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java
deleted file mode 100644
index 6f6949ad6..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.servertools.observer;
-
-import iaik.servertools.observer.NotificationData;
-import iaik.servertools.observer.Observable;
-import iaik.servertools.observer.Observer;
-
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-
-/**
- * Implementation of interface <needed to initialize an IAIK JSSE <code>TrustManager</code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ObservableImpl implements Observable {
- /** a List for all observers */
- private List observers = new ArrayList();
-
- /**
- * @see iaik.servertools.observer.Observable#addObserver(iaik.servertools.observer.Observable)
- */
- public void addObserver(Observer observer) {
- observers.add(observer);
- }
-
- /**
- * @see iaik.servertools.observer.Observable#removeObserver(iaik.servertools.observer.Observable)
- */
- public boolean removeObserver(Observer observer) {
- return observers.remove(observer);
- }
-
- /**
- * @see iaik.servertools.observer.Observable#notify(iaik.servertools.observer.NotificationData)
- */
- public void notify(NotificationData data) {
- Iterator iter = observers.iterator();
- for (iter = observers.iterator(); iter.hasNext();) {
- Observer observer = (Observer) iter.next();
- observer.notify(data);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.java
deleted file mode 100644
index 8039b67a6..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.java
+++ /dev/null
@@ -1,54 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * Builder for {@link java.net.URLConnection} objects used to forward requests
- * to the remote online application.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-
-public interface ConnectionBuilder {
-
- /**
- * Builds an HttpURLConnection to a {@link java.net.URL} which is derived
- * from an {@link HttpServletRequest} URL, by substitution of a
- * public URL prefix for the real URL prefix.<br>
- * The HttpURLConnection has been created by {@link java.net.URL#openConnection}, but
- * it has not yet been connected to by {@link java.net.URLConnection#connect}.<br>
- * The field settings of the HttpURLConnection are:
- * <ul>
- * <li><code>allowUserInteraction = false</code></li>
- * <li><code>doInput = true</code></li>
- * <li><code>doOutput = true</code></li>
- * <li><code>requestMethod = request.getMethod()</code></li>
- * <li><code>useCaches = false</code></li>
- * </ul>
- *
- * @param request the incoming request which shall be forwarded
- * @param publicURLPrefix the public URL prefix to be substituted by the real URL prefix
- * @param realURLPrefix the URL prefix to substitute the public URL prefix
- * @param sslSocketFactory factory to be used for creating an SSL socket in case
- * of a URL for scheme <code>"https:"</code>;
- * <br>if <code>null</code>, the default SSL socket factory would be used
- * @param parameters parameters to be forwarded
- * @return a URLConnection created by {@link java.net.URL#openConnection}, connecting to
- * the requested URL with <code>publicURLPrefix</code> substituted by <code>realURLPrefix</code>
- * @throws IOException if an I/O exception occurs during opening the connection
- * @see java.net.URL#openConnection()
- * @see com.sun.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory()
- */
- public HttpURLConnection buildConnection(
- HttpServletRequest request,
- String publicURLPrefix,
- String realURLPrefix,
- SSLSocketFactory sslSocketFactory,
- Map parameters) throws IOException;
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java b/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java
deleted file mode 100644
index ff7787839..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java
+++ /dev/null
@@ -1,68 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-
-/**
- * Factory delivering a {@link ConnectionBuilder} implementation for
- * an online application, initialized from configuration data.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ConnectionBuilderFactory {
-
- /** default connection builder to be used for online application
- * where no special implementation of the <code>ConnectionBuilder</code>
- * interface is configured
- */
- private static ConnectionBuilder defaultConnectionBuilder;
- /** mapping from online application public URL prefix to an implementation
- * of the <code>ConnectionBuilder</code> interface to be used;
- * if no mapping is given for an online application, the
- * <code>DefaultConnectionBuilder</code> will be used */
- private static Map connectionBuilderMap;
-
- /**
- * Initializes the <code>ConnectionBuilder</code> map from the configuration data.
- * @throws ConfigurationException when the configuration cannot be read,
- * or when a class name configured cannot be instantiated
- */
- public static void initialize() throws ConfigurationException {
- defaultConnectionBuilder = new DefaultConnectionBuilder();
- connectionBuilderMap = new HashMap();
- ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance();
- for (int i = 0; i < proxyConf.getOnlineApplicationParameters().length; i++) {
- OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameters()[i];
- String publicURLPrefix = oaParam.getPublicURLPrefix();
- String className = oaParam.getConnectionBuilderImpl();
- if (className != null) {
- try {
- ConnectionBuilder cb = (ConnectionBuilder)Class.forName(className).newInstance();
- connectionBuilderMap.put(publicURLPrefix, cb);
- }
- catch (Throwable ex) {
- throw new ConfigurationException("config.07", new Object[] {publicURLPrefix}, ex);
- }
- }
- }
- }
-
- /**
- * Gets the <code>ConnectionBuilder</code> implementation to be used for the given
- * online application.
- * @param publicURLPrefix public URL prefix of the online application
- * @return <code>ConnectionBuilder</code> implementation
- */
- public static ConnectionBuilder getConnectionBuilder(String publicURLPrefix) {
- ConnectionBuilder cb = (ConnectionBuilder) connectionBuilderMap.get(publicURLPrefix);
- if (cb == null)
- return defaultConnectionBuilder;
- else
- return cb;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java
deleted file mode 100644
index 2ac8fe28e..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java
+++ /dev/null
@@ -1,120 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.net.URL;
-import java.util.Iterator;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.servlet.http.HttpServletRequest;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-
-import com.sun.net.ssl.HostnameVerifier;
-import com.sun.net.ssl.HttpsURLConnection;
-
-/**
- * Defaultimplementierung von <code>ConnectionBuilder</code>.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class DefaultConnectionBuilder implements ConnectionBuilder {
-
- /** a boolean to disable the HostnameVerification (default = false)*/
- private static boolean disableHostnameVerification = false;
-
- /**
- * Constructor for DefaultConnectionBuilder.
- * @throws ConfigurationException on any config error
- */
- public DefaultConnectionBuilder() throws ConfigurationException {
- disableHostnameVerification = BoolUtils.valueOf(
- ProxyConfigurationProvider.getInstance().getGenericConfigurationParameter(
- "ProxyComponent.DisableHostnameVerification"));
- //TODO undocumented feature
- if (disableHostnameVerification)
- Logger.warn("ProxyComponent.DisableHostnameVerification: " + disableHostnameVerification);
- }
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.ConnectionBuilder#buildConnection
- */
- public HttpURLConnection buildConnection(
- HttpServletRequest req,
- String publicURLPrefix,
- String realURLPrefix,
- SSLSocketFactory sslSocketFactory,
- Map parameters)
- throws IOException {
-
- String requestedURL = req.getRequestURL().toString();
- // check whether requested URL starts with publicURLPrefix
- if (! requestedURL.startsWith(publicURLPrefix))
- throw new IOException(MOAIDMessageProvider.getInstance().getMessage(
- "proxy.01", new Object[] {requestedURL, publicURLPrefix}));
- // in case of GET request, append query string to requested URL;
- // otherwise, HttpURLConnection would perform a POST request
- if ("get".equalsIgnoreCase(req.getMethod()) && ! parameters.isEmpty()) {
- requestedURL = appendQueryString(requestedURL, parameters);
- }
- // build real URL in online application
- String realURLString = realURLPrefix + requestedURL.substring(publicURLPrefix.length());
- URL url = new URL(realURLString);
- Logger.debug("OA Request: " + req.getMethod() + " " + url.toString());
-
- HttpURLConnection conn = (HttpURLConnection)url.openConnection();
- conn.setRequestMethod(req.getMethod());
- conn.setDoInput(true);
- conn.setDoOutput(true);
- //conn.setUseCaches(false);
- conn.setAllowUserInteraction(true);
- conn.setInstanceFollowRedirects(false);
- if (conn instanceof HttpsURLConnection && sslSocketFactory != null) {
- HttpsURLConnection httpsConn = (HttpsURLConnection) conn;
- httpsConn.setSSLSocketFactory(sslSocketFactory);
- if (disableHostnameVerification)
- httpsConn.setHostnameVerifier(new HostnameNonVerifier());
- }
- return conn;
- }
- /**
- * @param requestedURL
- * @param parameters
- * @return
- */
- private String appendQueryString(String requestedURL, Map parameters) {
- String newURL = requestedURL;
- for (Iterator iter = parameters.keySet().iterator(); iter.hasNext();) {
- String paramName = (String)iter.next();
- String paramValue = (String)parameters.get(paramName);
- String paramString = paramName + "=" + paramValue;
- if (newURL.indexOf("?") < 0)
- newURL = newURL + "?" + paramString;
- else
- newURL = newURL + "&" + paramString;
- }
- return newURL;
- }
-
- /**
- * @author Stefan Knirsch
- * @version $Id$
- * A private class to change the standard HostName verifier to disable the
- * Hostname Verification Check
- */
- private class HostnameNonVerifier implements HostnameVerifier {
-
- /**
- * @see com.sun.net.ssl.HostnameVerifier#verify(String, String)
- */
- public boolean verify(String arg0, String arg1) {
- return true;
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java
deleted file mode 100644
index 033a74934..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java
+++ /dev/null
@@ -1,125 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Implementation of interface <code>LoginParameterResolver</code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class DefaultLoginParameterResolver implements LoginParameterResolver {
-
- /**
- * Constructor
- */
- public DefaultLoginParameterResolver() {
- }
-
- /**
- * Configuration mehtod (not used)
- */
- public void configure(String configuration) throws LoginParameterResolverException {
- }
-
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationHeaders(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String)
- */
- public Map getAuthenticationHeaders(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) {
-
- Map result = new HashMap();
-
- if (oaConf.getAuthType().equals(OAConfiguration.BASIC_AUTH)) {
- String useridPredicate = oaConf.getBasicAuthUserIDMapping();
- String userid = resolveValue(useridPredicate, authData, clientIPAddress);
- String passwordPredicate = oaConf.getBasicAuthPasswordMapping();
- String password = resolveValue(passwordPredicate, authData, clientIPAddress);
-
- try {
- String userIDPassword = userid + ":" + password;
- String credentials = Base64Utils.encode(userIDPassword.getBytes());
- result.put("Authorization", "Basic " + credentials);
- }
- catch (IOException ignore) {
- }
- }
- else if (oaConf.getAuthType().equals(OAConfiguration.HEADER_AUTH)) {
- for (Iterator iter = oaConf.getHeaderAuthMapping().keySet().iterator(); iter.hasNext();) {
- String key = (String) iter.next();
- String predicate = (String) oaConf.getHeaderAuthMapping().get(key);
- String resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- result.put(key, resolvedValue);
- }
- }
-
- return result;
- }
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationParameters(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String)
- */
- public Map getAuthenticationParameters(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) {
-
- Map result = new HashMap();
-
- if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH)) {
- for (Iterator iter = oaConf.getParamAuthMapping().keySet().iterator(); iter.hasNext();) {
- String key = (String) iter.next();
- String predicate = (String) oaConf.getParamAuthMapping().get(key);
- String resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- result.put(key, resolvedValue);
- }
- }
-
- return result;
- }
-
- /**
- * Resolves a login header or parameter value.
- * @param predicate header or parameter predicate name from online application configuration
- * @param authData authentication data for current login
- * @param clientIPAddress client IP address
- * @return header or parameter value resolved; <code>null</code> if unknown name is given
- */
- private static String resolveValue(String predicate, AuthenticationData authData, String clientIPAddress) {
- if (predicate.equals(MOAGivenName))
- return authData.getGivenName();
- else if (predicate.equals(MOAFamilyName))
- return authData.getFamilyName();
- else if (predicate.equals(MOADateOfBirth))
- return authData.getDateOfBirth();
- else if (predicate.equals(MOAVPK))
- return authData.getVPK();
- else if (predicate.equals(MOAPublicAuthority))
- if (authData.isPublicAuthority())
- return "true";
- else
- return "false";
- else if (predicate.equals(MOABKZ))
- return authData.getPublicAuthorityCode();
- else if (predicate.equals(MOAQualifiedCertificate))
- if (authData.isQualifiedCertificate())
- return "true";
- else
- return "false";
- else if (predicate.equals(MOAZMRZahl))
- return authData.getIdentificationValue();
- else if (predicate.equals(MOAIPAddress))
- return clientIPAddress;
- else return null;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java
deleted file mode 100644
index 434a4f674..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java
+++ /dev/null
@@ -1,75 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-
-/**
- * Determines authentication parameters and headers to be added to a {@link java.net.URLConnection}
- * to the remote online application.
- * Utilizes {@link OAConfiguration} and {@link AuthenticationData}.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public interface LoginParameterResolver {
-
- /** Constants used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code>,
- * naming predicates used by the <code>LoginParameterResolver</code>. */
- public static final String MOAGivenName = "MOAGivenName";
- /** Constant used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOAFamilyName = "MOAFamilyName";
- /** Constant used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOADateOfBirth = "MOADateOfBirth";
- /** Constant used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOAVPK = "MOAVPK";
- /** Constant used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOAPublicAuthority = "MOAPublicAuthority";
- /** Constant used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOABKZ = "MOABKZ";
- /** Constant used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOAQualifiedCertificate =
- "MOAQualifiedCertificate";
- /** Constant used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOAZMRZahl = "MOAZMRZahl";
- /** Constant used in <code>MOAIDConfiguration-1.1.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOAIPAddress = "MOAIPAddress";
-
- /**
- * Returns authentication headers to be added to a URLConnection.
- *
- * @param oaConf configuration data
- * @param authData authentication data
- * @param clientIPAddress client IP address
- * @return A map, the keys being header names and values being corresponding header values.
- * <br>In case of authentication type <code>"basic-auth"</code>, header fields
- * <code>username</code> and <code>password</code>.
- * <br>In case of authentication type <code>"header-auth"</code>, header fields
- * derived from parameter mapping and authentication data provided.
- * <br>Otherwise, an empty map.
- */
- public Map getAuthenticationHeaders(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException;
-
- /**
- * Returns request parameters to be added to a URLConnection.
- *
- * @param oaConf configuration data
- * @param authData authentication data
- * @param clientIPAddress client IP address
- * @return A map, the keys being parameter names and values being corresponding parameter values.
- * <br>In case of authentication type <code>"param-auth"</code>, parameters
- * derived from parameter mapping and authentication data provided.
- * <br>Otherwise, an empty map.
- */
- public Map getAuthenticationParameters(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException;
-
- public void configure(String configuration) throws LoginParameterResolverException;
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java
deleted file mode 100644
index 3aa2368bf..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java
+++ /dev/null
@@ -1,37 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception thrown while proxying a request to the online application
- *
- * @author Rudolf Schamberger
- * @version $Id$
- */
-public class LoginParameterResolverException extends MOAIDException {
-
- /**
- * Constructor for LoginParameterResolverException.
- * @param messageId
- * @param parameters
- */
- public LoginParameterResolverException(
- String messageId,
- Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for LoginParameterResolverException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public LoginParameterResolverException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java
deleted file mode 100644
index 0db7f66fe..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java
+++ /dev/null
@@ -1,83 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.lang.reflect.Method;
-import java.util.HashMap;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-
-/**
- * Factory delivering a {@link LoginParameterResolver} implementation for
- * an online application, initialized from configuration data.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class LoginParameterResolverFactory {
-
- /** default login parameter resolver to be used for online application
- * where no special implementation of the <code>LoginParameterResolver</code>
- * interface is configured
- */
- private static LoginParameterResolver defaultLoginParameterResolver;
- /** mapping from online application public URL prefix to an implementation
- * of the <code>LoginParameterResolver</code> interface to be used;
- * if no mapping is given for an online application, the
- * <code>DefaultLoginParameterResolver</code> will be used */
- private static Map loginParameterResolverMap;
-
- /**
- * Initializes the <code>LoginParameterResolver</code> map from the configuration data.
- * @throws ConfigurationException when the configuration cannot be read,
- * or when a class name configured cannot be instantiated
- */
- public static void initialize() throws ConfigurationException {
- defaultLoginParameterResolver = new DefaultLoginParameterResolver();
- loginParameterResolverMap = new HashMap();
- ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance();
- for (int i = 0; i < proxyConf.getOnlineApplicationParameters().length; i++) {
- OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameters()[i];
- String publicURLPrefix = oaParam.getPublicURLPrefix();
- String className = oaParam.getLoginParameterResolverImpl();
- String configuration = oaParam.getLoginParameterResolverConfiguration();
-
- if (className != null) {
- try {
- Class lprClass = Class.forName(className);
- LoginParameterResolver lpr = (LoginParameterResolver)Class.forName(className).newInstance();
-
- Class[] argumentTypes = { String.class };
- Method confMethod = lprClass.getMethod( "configure", argumentTypes );
-
- Object[] arguments = { new String(configuration) };
- confMethod.invoke( lpr, arguments );
-
- lpr.configure(configuration);
- loginParameterResolverMap.put(publicURLPrefix, lpr);
- }
- catch (LoginParameterResolverException lpex) {
- throw new ConfigurationException("config.11", new Object[] {className}, lpex);
- }
- catch (Throwable ex) {
- throw new ConfigurationException("config.07", new Object[] {publicURLPrefix}, ex);
- }
- }
- }
- }
-
- /**
- * Gets the <code>LoginParameterResolver</code> implementation to be used for the given
- * online application.
- * @param publicURLPrefix public URL prefix of the online application
- * @return <code>LoginParameterResolver</code> implementation
- */
- public static LoginParameterResolver getLoginParameterResolver(String publicURLPrefix) {
- LoginParameterResolver lpr = (LoginParameterResolver) loginParameterResolverMap.get(publicURLPrefix);
- if (lpr == null)
- return defaultLoginParameterResolver;
- else
- return lpr;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java b/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java
deleted file mode 100644
index da5d36678..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import iaik.pki.PKIException;
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
-import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Web application initializer
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDProxyInitializer {
-
- /**
- * Initializes the web application components which need initialization:
- * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
- */
- public static void initialize()
- throws ConfigurationException, IOException, GeneralSecurityException, PKIException {
-
- Logger.setHierarchy("moa.id.proxy");
-
- // Restricts TLS cipher suites
- System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
-
- // load some jsse classes so that the integrity of the jars can be verified
- // before the iaik jce is installed as the security provider
- // this workaround is only needed when sun jsse is used in conjunction with
- // iaik-jce (on jdk1.3)
- ClassLoader cl = MOAIDProxyInitializer.class.getClassLoader();
- try {
- cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar
- }
- catch (ClassNotFoundException e) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e);
- }
-
- // Initializes the SSLSocketFactory store
- SSLUtils.initialize();
-
- // Initializes IAIKX509TrustManager logging
- String log4jConfigURL = System.getProperty("log4j.configuration");
- if (log4jConfigURL != null) {
- IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
- }
-
- // Loads the configuration
- ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.reload();
-
- // Initializes the Axis secure socket factory for use in calling the MOA-Auth web service,
- // using configuration data
- ConnectionParameter connParamAuth = proxyConf.getAuthComponentConnectionParameter();
- if (connParamAuth.isHTTPSURL()) {
- SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(proxyConf, connParamAuth);
- AxisSecureSocketFactory.initialize(ssf);
- }
-
- // Initializes the Axis secure socket factories for use in calling the online applications,
- // using configuration data
- OAProxyParameter[] oaParams = proxyConf.getOnlineApplicationParameters();
- for (int i = 0; i < oaParams.length; i++) {
- OAProxyParameter oaParam = oaParams[i];
- ConnectionParameter oaConnParam = oaParam.getConnectionParameter();
- if (oaConnParam.isHTTPSURL())
- SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam);
- }
-
- // Initializes the ConnectionBuilderFactory from configuration data
- ConnectionBuilderFactory.initialize();
-
- // Initializes the LoginParameterResolverFactory from configuration data
- LoginParameterResolverFactory.initialize();
-
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class b/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class
deleted file mode 100644
index 49200265a..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class
+++ /dev/null
Binary files differ
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java
deleted file mode 100644
index 3f7a6872c..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java
+++ /dev/null
@@ -1,481 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.io.File;
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import java.io.IOException;
-import java.util.*;
-//import org.apache.xerces.parsers.AbstractDOMParser;
-import org.apache.xerces.parsers.DOMParser;
-import org.w3c.dom.*;
-
-/**
- * XMLLoginParameterResolver an implementation of implementation of interface
- * <code>LoginParameterResolver</code>
- * This implementation used to map identities stored in an XML file to parameters
- * which are given to OAs.
- *
- * @author Rudolf Schamberger
- * @version $Id$
- */
-public class XMLLoginParameterResolver implements LoginParameterResolver {
-
- //file which is parsed and interpreted for paremeter resolving.
- private String identityFile;
-
- /**
- * inner class used to store mapped parameters
- */
- class LPRParams {
-
- /**
- * getter method for parameter Enabled.
- * Parameter Enabled decides if mapped parameters should be used by XMLLoginParameterResolver
- */
- public boolean getEnabled() {
- return enabled.booleanValue();
- }
-
- /**
- * getter method for parameter UN (username)
- * @return Parameter UN or <code>null</code> not set.
- */
- public String getUN() {
- return UN;
- }
-
- /**
- * getter method for parameter PW (password)
- * @return Parameter PW or <code>null</code> not set.
- */
- public String getPW() {
- return PW;
- }
-
- /**
- * getter method for parameter Param1
- * @return Parameter Param1 or <code>null</code> not set.
- */
- public String getParam1() {
- return Param1;
- }
-
- /**
- * getter method for parameter Param2
- * @return Parameter Param2 or <code>null</code> not set.
- */
- public String getParam2() {
- return Param2;
- }
-
- /**
- * getter method for parameter Param3
- * @return Parameter Param3 or <code>null</code> not set.
- */
- public String getParam3() {
- return Param3;
- }
-
- /**
- * Returns a string representation of LPRParams
- *
- * @return a <code>String</code> representation of this object.
- * @see XMLLoginParameterResolver.LPRParams
- */
- public String toString() {
- return "Enabled: "
- + enabled.toString()
- + "UN: '"
- + UN
- + "' PW: '"
- + PW
- + "' Param1: '"
- + Param1
- + "' Param2: '"
- + Param2
- + "' Param3: '"
- + Param3
- + "'\n";
- }
-
- //private member variables used
- private Boolean enabled = null;
- private String UN = null;
- private String PW = null;
- private String Param1 = null;
- private String Param2 = null;
- private String Param3 = null;
-
- /**
- * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object.
- *
- * @param enabled enable user mapping to parameter set for the parameter set.
- * @param UN username used in HTTP 401 - BasicAuthentication
- * @param PW password used in HTTP 401 - BasicAuthentication
- * @param Param1 parameter1 used in HeaderAuthentication and ParameterAuthentication
- * @param Param2 parameter2 used in HeaderAuthentication and ParameterAuthentication
- * @param Param3 parameter3 used in HeaderAuthentication and ParameterAuthentication
- **/
- LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) {
- this.enabled = new Boolean(enabled);
- this.UN = UN;
- this.PW = PW;
- this.Param1 = Param1;
- this.Param1 = Param2;
- this.Param1 = Param3;
- }
-
- /**
- * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object.
- *
- * @param enabled enable user mapping to parameter set for the parameter set.
- * @param UN username used in HTTP 401 - BasicAuthentication
- * @param PW password used in HTTP 401 - BasicAuthentication
- **/
- LPRParams(boolean enabled, String UN, String PW) {
- this(enabled, UN, PW, null, null, null);
- }
- }
-
- /**
- * Constructs a newly allocated <code>XMLLoginParameterResolver</code> object.
- **/
- public XMLLoginParameterResolver() {
- bPKMap = new HashMap();
- namedMap = new HashMap();
- }
-
- /**
- * configuration method
- * @param configuration enabled enable user mapping to parameter set for the parameter set.
- */
- public void configure(String configuration) throws LoginParameterResolverException {
- File idFile;
- this.identityFile = configuration;
-
- try {
- if (null == identityFile || false == (idFile = new File(identityFile)).canRead()) {
- Logger.error("XMLLoginParameterResolver could not read '"
- + identityFile
- + "' " );
- return;
- }
- Document doc = readXMLFile(identityFile);
- buildInfo(doc);
- } catch (Throwable ex) {
- throw new LoginParameterResolverException("config.11", new Object[] {identityFile}, ex);
- }
- isConfigured = true;
- }
-
- public Map getAuthenticationHeaders(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException {
- Map result = new HashMap();
-
- if (!isConfigured) {
- throw new LoginParameterResolverException("XMLLoginParameterResolver with configuration '" +
- identityFile + "' is not configured!", null);
- }
-
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
- String bPK = resolveValue("MOAVPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- LPRParams params = null;
- boolean userFound = false;
-
- //try bPK and named search
- userFound = bPKIdentitySearch(bPK, params);
-
- if(false == userFound)
- namedIdentitySearch(famName, givenName, dateOfBirth, params);
-
- if(false == userFound)
- return result;
-
- //HTTP 401 - Basic Authentication
- if (oaConf.getAuthType().equals("basic")) {
- userid = params.getUN();
- password = params.getPW();
-
- try {
- String userIDPassword = userid + ":" + password;
- String credentials = Base64Utils.encode(userIDPassword.getBytes());
- Logger.debug("XMLLoginParameterResolver: calculated credentials: " + credentials);
- result.put("Authorization", "Basic " + credentials);
- } catch (IOException ignore) {
- }
- return result;
- }
- if (oaConf.getAuthType().equals("header")) {
- String key;
- String resolvedValue;
- result.put("Param1", params.getParam1());
- result.put("Param2", params.getParam2());
- result.put("Param3", params.getParam3());
- return result;
- /* for (Iterator iter = oaConf.getHeaderAuthMapping().keySet().iterator();
- iter.hasNext();
- result.put(key, resolvedValue)) {
- key = (String) iter.next();
- String predicate = (String) oaConf.getHeaderAuthMapping().get(key);
- resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- }
- */
- }
- return result;
- }
-
- public Map getAuthenticationParameters(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) {
-
- Map result = new HashMap();
-
- if (!isConfigured) {
- Logger.warn("XMLLoginParameterResolver with configuration '" + identityFile + " is not configured");
- return result;
- }
-
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
- String bPK = resolveValue("MOAVPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- LPRParams params = null;
- boolean userFound = false;
-
- //try bPK and named search
- userFound = bPKIdentitySearch(bPK, params);
-
- if (false == userFound)
- namedIdentitySearch(famName, givenName, dateOfBirth, params);
-
- if (false == userFound)
- return result;
-
- if (oaConf.getAuthType().equals("param")) {
- result.put("Param1", params.getParam1());
- result.put("Param2", params.getParam2());
- result.put("Param3", params.getParam3());
- return result;
- /*
- String key;
- String resolvedValue;
- for (Iterator iter = oaConf.getParamAuthMapping().keySet().iterator();
- iter.hasNext();
- result.put(key, resolvedValue)) {
- key = (String) iter.next();
- String predicate = (String) oaConf.getParamAuthMapping().get(key);
- resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- }
- */
-
- }
- return result;
- }
-
- private static String resolveValue(
- String predicate,
- AuthenticationData authData,
- String clientIPAddress) {
- if (predicate.equals("MOAGivenName"))
- return authData.getGivenName();
- if (predicate.equals("MOAFamilyName"))
- return authData.getFamilyName();
- if (predicate.equals("MOADateOfBirth"))
- return authData.getDateOfBirth();
- if (predicate.equals("MOAVPK"))
- return authData.getVPK();
- if (predicate.equals("MOAPublicAuthority"))
- if (authData.isPublicAuthority())
- return "true";
- else
- return "false";
- if (predicate.equals("MOABKZ"))
- return authData.getPublicAuthorityCode();
- if (predicate.equals("MOAQualifiedCertificate"))
- if (authData.isQualifiedCertificate())
- return "true";
- else
- return "false";
- if (predicate.equals("MOAZMRZahl"))
- return authData.getIdentificationValue();
- if (predicate.equals("MOAIPAddress"))
- return clientIPAddress;
- else
- return null;
- }
-
- private Document readXMLFile(String fileName) {
- Logger.info("XMLLoginParameterResolver: Loading MOA-OA configuration " + fileName);
- DOMParser parser = new DOMParser();
- try {
- parser.setFeature("http://xml.org/sax/features/validation", true);
- parser.setFeature("http://apache.org/xml/features/validation/schema", true);
- parser.parse(fileName);
- return parser.getDocument();
- } catch (Exception e) {
- String msg = e.toString();
- Logger.error("XMLLoginParameterResolver: Error parsing file" + fileName + "\n" + msg);
- return null;
- }
- }
-
- private void buildInfo(Document doc) {
- Element root = doc.getDocumentElement();
- NodeList idList = root.getElementsByTagName(XSD_IDELEM);
- NodeList paramList = root.getElementsByTagName("Parameters");
- for (int i = 0; i < idList.getLength(); i++)
- Logger.debug("XMLLoginParameterResolver: LocalName idList: " + idList.item(i).getLocalName());
-
- for (int i = 0; i < paramList.getLength(); i++)
- Logger.debug(
- "XMLLoginParameterResolver: LocalName paramList: " + paramList.item(i).getLocalName());
-
- for (int i = 0; i < idList.getLength(); i++) {
- Element tmpElem = (Element) idList.item(i);
- NodeList tmpList = tmpElem.getElementsByTagName("NamedIdentity");
- for (int j = 0; j < tmpList.getLength(); j++)
- Logger.debug("XMLLoginParameterResolver: LocalName tmp: " + tmpList.item(j).getLocalName());
-
- if (1 == tmpList.getLength()) {
- tmpElem = (Element) tmpList.item(0);
- String tmpStr = tmpElem.getAttribute("SurName") + "," + tmpElem.getAttribute("GivenName");
- boolean tmpBool = false;
- if (tmpElem.getFirstChild() != null
- && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
- tmpBool = true;
- Logger.debug(
- "XMLLoginParameterResolver: tmpStr: "
- + tmpStr
- + " value: "
- + (new Boolean(tmpBool)).toString());
- tmpElem = (Element) paramList.item(i);
- Logger.debug(
- "XMLLoginParameterResolver: attribute UN: "
- + tmpElem.getAttribute("UN")
- + " attribute PW: "
- + tmpElem.getAttribute("PW"));
- namedMap.put(
- tmpStr,
- new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW")));
- } else {
- tmpList = tmpElem.getElementsByTagName("bPKIdentity");
- if (1 == tmpList.getLength()) {
- tmpElem = (Element) tmpList.item(0);
- String tmpStr = tmpElem.getAttribute("bPK");
- boolean tmpBool = false;
- if (tmpElem.getFirstChild() != null
- && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
- tmpBool = true;
- Logger.debug(
- "XMLLoginParameterResolver: tmpStr: "
- + tmpStr
- + " value: "
- + (new Boolean(tmpBool)).toString());
- tmpElem = (Element) paramList.item(i);
- Logger.debug(
- "XMLLoginParameterResolver: attribute UN: "
- + tmpElem.getAttribute("UN")
- + " attribute PW: "
- + tmpElem.getAttribute("PW")
- + " attribute Param1: "
- + tmpElem.getAttribute("Param1"));
- bPKMap.put(
- tmpStr,
- new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW")));
- } else {
- Logger.warn(
- "XMLLoginParameterResolver: wrong format no NamedIdentity or bPKIdentity found");
- }
- }
- }
-
- Logger.debug("namedMap:" + namedMap.toString());
- Logger.debug("bPKMap:" + bPKMap.toString());
- }
-
- private void buildIdentityInfo(Document doc) {
-
- }
-
-
- boolean bPKIdentitySearch(String bPK, LPRParams params) {
- //search for mapping with bPK of the user
- Logger.info("XMLLoginParameterResolver: search for login data mapped to bPK:" + bPK);
- params = (LPRParams) bPKMap.get(bPK);
- if (null == params) {
- Logger.info("XMLLoginParameterResolver: params for bPK: " + bPK + " not found!");
- return false;
- } else if (params.getEnabled()) {
- Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
- return true;
- }
- Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list but user is NOT enabled");
- return false;
- }
-
- boolean namedIdentitySearch(
- String famName,
- String givenName,
- String dateOfBirth,
- LPRParams params) {
- Logger.info(
- "XMLLoginParameterResolver: search for login data for SurName:"
- + famName
- + " GivenName: "
- + givenName);
-
- params = (LPRParams) namedMap.get(famName + "," + givenName);
- if (null == params) {
-
- Logger.info(
- "XMLLoginParameterResolver: params for Surname: "
- + famName
- + " GivenName: "
- + givenName
- + " not found!");
- return false;
- }
-
- if (params.getEnabled()) {
- Logger.info(
- "XMLLoginParameterResolver: SurName:"
- + famName
- + " GivenName: "
- + givenName
- + "found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
- return true;
- }
- Logger.info(
- "XMLLoginParameterResolver: SurName:"
- + famName
- + " GivenName: "
- + givenName
- + "found in list; user is NOT enabled");
- return false;
- }
-
- public static final String XSD_MAPPING = "Mapping";
-
- public static final String XSD_DOCELEM = "MOAIdentities";
- public static final String XSD_IDELEM = "Identity";
- public static final String XSD_NAMEDIDELEM = "NamedIdentity";
- public static final String XSD_BPKIDELEM = "bPKIdentity";
- public static final String XSD_PARAMELEM = "Parameters";
- public static final String XML_LPR_CONFIG_PROPERTY_NAME = "moa.id.xmllpr.configuration";
- private Map bPKMap;
- private Map namedMap;
- private boolean isConfigured = false;
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java
deleted file mode 100644
index e0e1fde4a..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java
+++ /dev/null
@@ -1,55 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.builder;
-
-import java.text.MessageFormat;
-import java.util.Calendar;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-
-/**
- * Builder for the <code>&lt;samlp:Request&gt;</code> used for querying
- * the authentication data <code>&lt;saml:Assertion&gt;</code>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLRequestBuilder implements Constants {
- /** samlp-Request template */
- private static final String REQUEST =
- "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"{0}\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"{1}\">" +
- "<samlp:AssertionArtifact>{2}</samlp:AssertionArtifact>" +
- "</samlp:Request>";
-
- /**
- * Constructor for SAMLRequestBuilder.
- */
- public SAMLRequestBuilder() {
- super();
- }
-
- /**
- * Builds the <code>&lt;samlp:Request&gt;</code>.
- * @param requestID request ID
- * @param samlArtifactBase64 SAML artifact, encoded BASE64
- * @return the DOM element
- */
- public Element build(String requestID, String samlArtifactBase64) throws BuildException {
- try {
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance());
- String request = MessageFormat.format(REQUEST, new Object[] {requestID, issueInstant, samlArtifactBase64});
- Element requestElem = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- return requestElem;
- }
- catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] {"samlp:Request", ex.toString()},
- ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java b/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java
deleted file mode 100644
index 4e9a72111..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java
+++ /dev/null
@@ -1,143 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.invoke;
-
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.Vector;
-
-import javax.xml.namespace.QName;
-import javax.xml.rpc.Call;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.ServiceFactory;
-
-import org.apache.axis.message.SOAPBodyElement;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.SAMLStatus;
-import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
-import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser;
-import at.gv.egovernment.moa.id.proxy.servlet.ProxyException;
-import at.gv.egovernment.moa.id.util.Random;
-
-/**
- * Invoker of
- * <ul>
- * <li>either the GetAuthenticationData web service of MOA-ID Auth</li>
- * <li>or the API call {@link at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData},</li>
- * </ul>
- * depending of the configuration.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class GetAuthenticationDataInvoker {
- /** Create a new QName object for the webservice endpoint */
- private static final QName SERVICE_QNAME = new QName("GetAuthenticationData");
-
- /** invoked object for API call of MOA-ID Auth */
- private static Object apiServer = null;
- /** invoked method for API call of MOA-ID Auth */
- private static Method apiMethod = null;
-
- /**
- * Invokes the service passing domain model objects.
- * @param samlArtifact SAML artifact
- * @return AuthenticationData object
- * @throws ServiceException on any exception thrown
- */
- /**
- * Get authentication data from the MOA-ID Auth component,
- * either via API call or via web service call.
- * @param samlArtifact SAML artifact to be used as a parameter
- * @return AuthenticationData
- */
- public AuthenticationData getAuthenticationData(String samlArtifact)
- throws ConfigurationException, ProxyException, BuildException, ServiceException, ParseException, AuthenticationException {
-
- ConnectionParameter authConnParam =
- ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter();
- if (authConnParam == null) {
- try {
- if (apiServer == null) {
- Class serverClass = Class.forName("at.gv.egovernment.moa.id.auth.AuthenticationServer");
- Method getInstanceMethod = serverClass.getMethod("getInstance", null);
- apiServer = getInstanceMethod.invoke(null, null);
- apiMethod = serverClass.getMethod(
- "getAuthenticationData", new Class[] {String.class});
- }
- AuthenticationData authData = (AuthenticationData)apiMethod.invoke(apiServer, new Object[] {samlArtifact});
- return authData;
- }
- catch (InvocationTargetException ex) {
- Throwable targetEx = ex.getTargetException();
- if (targetEx instanceof AuthenticationException)
- throw (AuthenticationException) targetEx;
- else
- throw new ProxyException("proxy.09", new Object[] {targetEx.toString()});
- }
- catch (Throwable ex) {
- throw new ProxyException("proxy.09", new Object[] {ex.toString()});
- }
- }
- else {
- Element samlpRequest = new SAMLRequestBuilder().build(Random.nextRandom(), samlArtifact);
- Element samlpResponse = getAuthenticationData(samlpRequest);
- SAMLResponseParser srp = new SAMLResponseParser(samlpResponse);
- SAMLStatus status = srp.parseStatusCode();
- if (! "samlp:Success".equals(status.getStatusCode())) {
- // on error status throw exception
- String code = status.getStatusCode();
- if (status.getSubStatusCode() != null && status.getSubStatusCode().length() > 0)
- code += "(" + status.getSubStatusCode() + ")";
- throw new ServiceException("service.02", new Object[] {code, status.getStatusMessage()});
- }
- return srp.parseAuthenticationData();
- }
- }
-
- /**
- * Invokes the service passing DOM elements.
- * @param request request DOM element
- * @return response DOM element
- * @throws ServiceException on any exception thrown
- */
- public Element getAuthenticationData(Element request) throws ServiceException {
- try {
- Service service = ServiceFactory.newInstance().createService(SERVICE_QNAME);
- Call call = service.createCall();
- SOAPBodyElement body =
- new SOAPBodyElement(request);
- SOAPBodyElement[] params = new SOAPBodyElement[] {body};
- Vector responses;
- SOAPBodyElement response;
-
- String endPoint;
- ConnectionParameter authConnParam =
- ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter();
-
- //If the ConnectionParameter do NOT exist, we throw an exception ....
- if (authConnParam!=null) {
- endPoint = authConnParam.getUrl();
- call.setTargetEndpointAddress(endPoint);
- responses = (Vector) call.invoke(SERVICE_QNAME, params);
- response = (SOAPBodyElement) responses.get(0);
- return response.getAsDOM();
- }
- else
- {
- throw new ServiceException("service.01", null);
- }
- }
- catch (Exception ex) {
- throw new ServiceException("service.00", new Object[] {ex.toString()}, ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java
deleted file mode 100644
index ce0743b3d..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java
+++ /dev/null
@@ -1,145 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.parser;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parser for the <code>&lt;saml:Assertion&gt;</code> returned by the
- * <code>GetAuthenticationData</code> web service.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationDataAssertionParser implements Constants {
-
- /** Prefix for SAML-Xpath-expressions */
- private static String SAML = SAML_PREFIX + ":";
- /** Prefix for PersonData-Xpath-expressions */
- private static String PR = PD_PREFIX + ":";
- /** Prefix for Attribute MajorVersion in an Xpath-expression */
- private static String MAJOR_VERSION_XPATH =
- "@MajorVersion";
- /** Prefix for Attribute MinorVersion in an Xpath-expression */
- private static String MINOR_VERSION_XPATH =
- "@MinorVersion";
- /** Prefix for Attribute AssertionID in an Xpath-expression */
- private static String ASSERTION_ID_XPATH =
- "@AssertionID";
- /** Prefix for Attribute Issuer in an Xpath-expression */
- private static String ISSUER_XPATH =
- "@Issuer";
- /** Prefix for Attribute IssueInstant in an Xpath-expression */
- private static String ISSUE_INSTANT_XPATH =
- "@IssueInstant";
- /** Prefix for Element AttributeStatement in an Xpath-expression */
- private static String ATTRIBUTESTATEMENT_XPATH =
- SAML + "AttributeStatement/";
- /** Prefix for Element NameIdentifier in an Xpath-expression */
- private static String VPK_XPATH =
- ATTRIBUTESTATEMENT_XPATH +
- SAML + "Subject/" +
- SAML + "NameIdentifier";
- /** Prefix for Element Person in an Xpath-expression */
- private static String PERSONDATA_XPATH =
- ATTRIBUTESTATEMENT_XPATH +
- SAML + "Attribute[@AttributeName=\"PersonData\"]/" +
- SAML + "AttributeValue/" +
- PR + "Person/";
- /** Prefix for Element Value in an Xpath-expression */
- private static String ZMRZAHL_XPATH =
- PERSONDATA_XPATH +
- PR + "Identification/" +
- PR + "Value";
- /** Prefix for Element GivenName in an Xpath-expression */
- private static String GIVEN_NAME_XPATH =
- PERSONDATA_XPATH +
- PR + "Name/" +
- PR + "GivenName";
- /** Prefix for Element FamilyName in an Xpath-expression */
- private static String FAMILY_NAME_XPATH =
- PERSONDATA_XPATH +
- PR + "Name/" +
- PR + "FamilyName";
- /** Prefix for Element DateOfBirth in an Xpath-expression */
- private static String DATE_OF_BIRTH_XPATH =
- PERSONDATA_XPATH +
- PR + "DateOfBirth";
- /** Prefix for Element AttributeValue in an Xpath-expression */
- private static String IS_QUALIFIED_CERT_XPATH =
- ATTRIBUTESTATEMENT_XPATH +
- SAML + "Attribute[@AttributeName=\"isQualifiedCertificate\"]/" +
- SAML + "AttributeValue";
- /** Prefix for Element AttributeValue in an Xpath-expression */
- private static String PUBLIC_AUTHORITY_XPATH =
- ATTRIBUTESTATEMENT_XPATH +
- SAML + "Attribute[@AttributeName=\"isPublicAuthority\"]/" +
- SAML + "AttributeValue";
- /** Element samlAssertion represents the SAML:Assertion */
- private Element samlAssertion;
-
- /**
- * Constructor
- * @param samlAssertion samlpResponse the <code>&lt;samlp:Response&gt;</code> as a DOM element
- */
- public AuthenticationDataAssertionParser(Element samlAssertion) {
- this.samlAssertion = samlAssertion;
- }
-
- /**
- * Parses the <code>&lt;saml:Assertion&gt;</code>.
- * @return <code>AuthenticationData</code> object
- * @throws ParseException on any error
- */
- public AuthenticationData parseAuthenticationData()
- throws ParseException {
-
- try {
- AuthenticationData authData = new AuthenticationData();
- //ÄNDERN: NUR der Identification-Teil
- authData.setSamlAssertion(DOMUtils.serializeNode(samlAssertion));
- authData.setMajorVersion(new Integer(
- XPathUtils.getAttributeValue(samlAssertion, MAJOR_VERSION_XPATH, "-1")).intValue());
- authData.setMinorVersion(new Integer(
- XPathUtils.getAttributeValue(samlAssertion, MINOR_VERSION_XPATH, "-1")).intValue());
- authData.setAssertionID(
- XPathUtils.getAttributeValue(samlAssertion, ASSERTION_ID_XPATH, ""));
- authData.setIssuer(
- XPathUtils.getAttributeValue(samlAssertion, ISSUER_XPATH, ""));
- authData.setIssueInstant(
- XPathUtils.getAttributeValue(samlAssertion, ISSUE_INSTANT_XPATH, ""));
- authData.setVPK(
- XPathUtils.getElementValue(samlAssertion, VPK_XPATH, ""));
- authData.setIdentificationValue(
- XPathUtils.getElementValue(samlAssertion, ZMRZAHL_XPATH, ""));
- authData.setGivenName(
- XPathUtils.getElementValue(samlAssertion, GIVEN_NAME_XPATH, ""));
- authData.setFamilyName(
- XPathUtils.getElementValue(samlAssertion, FAMILY_NAME_XPATH, ""));
- authData.setDateOfBirth(
- XPathUtils.getElementValue(samlAssertion, DATE_OF_BIRTH_XPATH, ""));
- authData.setQualifiedCertificate(BoolUtils.valueOf(
- XPathUtils.getElementValue(samlAssertion, IS_QUALIFIED_CERT_XPATH, "")));
- String publicAuthority =
- XPathUtils.getElementValue(samlAssertion, PUBLIC_AUTHORITY_XPATH, null);
- if (publicAuthority == null) {
- authData.setPublicAuthority(false);
- authData.setPublicAuthorityCode("");
- }
- else {
- authData.setPublicAuthority(true);
- if (! publicAuthority.equalsIgnoreCase("true"))
- authData.setPublicAuthorityCode(publicAuthority);
- }
- return authData;
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java
deleted file mode 100644
index 9f77578fd..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java
+++ /dev/null
@@ -1,100 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.parser;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.SAMLStatus;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parser for the <code>&lt;samlp:Response&gt;</code> returned by the
- * <code>GetAuthenticationData</code> web service.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLResponseParser implements Constants {
- /** Element containing the samlResponse */
- private Element samlResponse;
- /** Xpath prefix for reaching SAMLP Namespaces */
- private static String SAMLP = SAMLP_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static String SAML = SAML_PREFIX + ":";
- /** Xpath prefix for reaching PersonData Namespaces */
- private static String PR = PD_PREFIX + ":";
- /** Xpath expression for reaching the SAMLP:Response element */
- private static final String ROOT =
- "/" + SAMLP + "Response/";
- /** Xpath expression for reaching the SAMLP:Status element */
- private static final String STATUS_XPATH =
- ROOT +
- SAMLP + "Status/";
- /** Xpath expression for reaching the SAMLP:StatusCode_Value attribute */
- private static final String STATUSCODE_XPATH =
- STATUS_XPATH +
- SAMLP + "StatusCode/@Value";
- /** Xpath expression for reaching the SAMLP:SubStatusCode_Value attribute */
- private static final String SUBSTATUSCODE_XPATH =
- STATUS_XPATH +
- SAMLP + "StatusCode/" +
- SAMLP + "StatusCode/@Value";
- /** Xpath expression for reaching the SAMLP:StatusMessage element */
- private static final String STATUSMESSAGE_XPATH =
- STATUS_XPATH +
- SAMLP + "StatusMessage";
- /** Xpath expression for reaching the SAML:Assertion element */
- private static String ASSERTION_XPATH =
- ROOT +
- SAML + "Assertion";
-
- /**
- * Constructor
- * @param samlResponse the <code>&lt;samlp:Response&gt;</code> as a DOM element
- */
- public SAMLResponseParser(Element samlResponse) {
- this.samlResponse = samlResponse;
- }
-
- /**
- * Parses the <code>&lt;samlp:StatusCode&gt;</code> from the <code>&lt;samlp:Response&gt;</code>.
- * @return <code>AuthenticationData</code> object
- * @throws ParseException on any parsing error
- */
- public SAMLStatus parseStatusCode()
- throws ParseException {
-
- SAMLStatus status = new SAMLStatus();
- try {
- status.setStatusCode(
- XPathUtils.getAttributeValue(samlResponse, STATUSCODE_XPATH, ""));
- status.setSubStatusCode(
- XPathUtils.getAttributeValue(samlResponse, SUBSTATUSCODE_XPATH, ""));
- status.setStatusMessage(
- XPathUtils.getElementValue(samlResponse, STATUSMESSAGE_XPATH, ""));
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- return status;
- }
-
- /**
- * Parses the <code>&lt;saml:Assertion&gt;</code> from the <code>&lt;samlp:Response&gt;</code>.
- * @return <code>AuthenticationData</code> object
- * @throws ParseException on any parsing error
- */
- public AuthenticationData parseAuthenticationData()
- throws ParseException {
-
- Element samlAssertion;
- try {
- samlAssertion = (Element)XPathUtils.selectSingleNode(samlResponse, ASSERTION_XPATH);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- return new AuthenticationDataAssertionParser(samlAssertion).parseAuthenticationData();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
deleted file mode 100644
index d6ec4951b..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
+++ /dev/null
@@ -1,80 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.servlet;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.text.DateFormat;
-import java.util.Date;
-import java.util.Locale;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for updating the MOA-ID Auth configuration from configuration file
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ConfigurationServlet extends HttpServlet {
- /** The standard String for DTD Doc-type */
- private static final String DOC_TYPE =
- "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n";
-
- /**
- * Handle a HTTP GET request, used to indicated that the MOA
- * configuration needs to be updated (reloaded).
- *
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
-
- MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance();
- PrintWriter out;
-
- response.setContentType("text/html");
- out = response.getWriter();
- out.println(DOC_TYPE);
- out.println("<head><title>MOA configuration update</title></head>");
- out.println("<body bgcolor=\"#FFFFFF\">");
- try {
- MOAIDProxyInitializer.initialize();
-
- String message = msg.getMessage("config.00", new Object[]
- { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} );
- Logger.info(message);
-
- //TODO low-priority: change to ErrorPage
- out.println("<p><b>");
- out.println(message);
- out.println("</b></p>");
- } catch (Throwable t) {
- String errorMessage = msg.getMessage("config.04", null);
- Logger.error(errorMessage, t);
- out.println("<p><b>");
- out.println(errorMessage);
- out.println("</b></p>");
- }
- out.println("</body>");
-
- out.flush();
- out.close();
- }
-
- /**
- * Do the same as <code>doGet</code>.
- *
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
- */
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- doGet(request, response);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java
deleted file mode 100644
index 0080c010e..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.servlet;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception thrown while proxying a request to the online application
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ProxyException extends MOAIDException {
-
- /**
- * Constructor for ProxyException.
- * @param messageId
- * @param parameters
- */
- public ProxyException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for ProxyException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public ProxyException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
deleted file mode 100644
index 362849fb1..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ /dev/null
@@ -1,537 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.servlet;
-
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.io.PrintWriter;
-import java.io.StringWriter;
-import java.net.HttpURLConnection;
-import java.net.URLEncoder;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.CookieManager;
-import at.gv.egovernment.moa.id.proxy.ConnectionBuilder;
-import at.gv.egovernment.moa.id.proxy.ConnectionBuilderFactory;
-import at.gv.egovernment.moa.id.proxy.LoginParameterResolver;
-import at.gv.egovernment.moa.id.proxy.LoginParameterResolverException;
-import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory;
-import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer;
-import at.gv.egovernment.moa.id.proxy.invoke.GetAuthenticationDataInvoker;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Servlet requested for logging in at an online application,
- * and then for proxying requests to the online application.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ProxyServlet extends HttpServlet {
- /** Name of the Parameter for the Target */
- private static final String PARAM_TARGET = "Target";
- /** Name of the Parameter for the SAMLArtifact */
- private static final String PARAM_SAMLARTIFACT = "SAMLArtifact";
-
- /** Name of the Attribute for the PublicURLPrefix */
- private static final String ATT_PUBLIC_URLPREFIX = "PublicURLPrefix";
- /** Name of the Attribute for the RealURLPrefix */
- private static final String ATT_REAL_URLPREFIX = "RealURLPrefix";
- /** Name of the Attribute for the SSLSocketFactory */
- private static final String ATT_SSL_SOCKET_FACTORY = "SSLSocketFactory";
- /** Name of the Attribute for the LoginHeaders */
- private static final String ATT_LOGIN_HEADERS = "LoginHeaders";
- /** Name of the Attribute for the LoginParameters */
- private static final String ATT_LOGIN_PARAMETERS = "LoginParameters";
-
- /**
- * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse)
- */
- protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-
- Logger.debug("getRequestURL:" + req.getRequestURL().toString());
- try {
- if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null)
- login(req, resp);
- else
- tunnelRequest(req, resp);
- }
- catch (MOAIDException ex) {
- handleError(resp, ex.toString(), ex);
- }
- catch (Throwable ex) {
- handleError(resp, ex.toString(), ex);
- }
- }
-
- /**
- * Login to online application at first call of servlet for a user session.<br/>
- * <ul>
- * <li>Acquires authentication data from the MOA-ID Auth component.</li>
- * <li>Reads configuration data for the online application.</li>
- * <li>Resolves login parameters.</li>
- * <li>Sets up an SSLSocketFactory in case of a secure connection to the online application.</li>
- * <li>For a stateless online application, stores data in the HttpSession.</li>
- * <li>Tunnels the request to the online application.</li>
- * </ul>
- * @param req
- * @param resp
- * @throws ConfigurationException when wrong configuration is encountered
- * @throws ProxyException when wrong configuration is encountered
- * @throws BuildException while building the request for MOA-ID Auth
- * @throws ServiceException while invoking MOA-ID Auth
- * @throws ParseException while parsing the response from MOA-ID Auth
- */
- private void login(HttpServletRequest req, HttpServletResponse resp) throws ConfigurationException, ProxyException, BuildException, ServiceException, ParseException, AuthenticationException {
-
- String samlArtifact = req.getParameter(PARAM_SAMLARTIFACT);
- Logger.debug("moa-id-proxy login " + PARAM_SAMLARTIFACT + ": " + samlArtifact);
- // String target = req.getParameter(PARAM_TARGET); parameter given but not processed
-
- // get authentication data from the MOA-ID Auth component
- AuthenticationData authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact);
-
- String urlRequested = req.getRequestURL().toString();
-
- // read configuration data
- ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance();
- OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(urlRequested);
- if (oaParam == null) {
- throw new ProxyException("proxy.02", new Object[] { urlRequested });
- }
- String publicURLPrefix = oaParam.getPublicURLPrefix();
- Logger.debug("OA: " + publicURLPrefix);
- OAConfiguration oaConf = oaParam.getOaConfiguration();
- ConnectionParameter oaConnParam = oaParam.getConnectionParameter();
- String realURLPrefix = oaConnParam.getUrl();
-
- // resolve login parameters to be forwarded to online application
- LoginParameterResolver lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix);
- String clientIPAddress = req.getRemoteAddr();
- Map loginHeaders = null;
- Map loginParameters = null;
- try {
- if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH))
- loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress);
- else
- loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress);
-
- } catch (LoginParameterResolverException ex) {
- throw new ProxyException("proxy.13", new Object[] { publicURLPrefix });
- }
-
- // setup SSLSocketFactory for communication with the online application
- SSLSocketFactory ssf = null;
- if (oaConnParam.isHTTPSURL()) {
- try {
- ssf = SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam);
- }
- catch (Throwable ex) {
- throw new ProxyException("proxy.05", new Object[] { oaConnParam.getUrl(), ex.toString()}, ex);
- }
- }
-
- try {
- // for stateless online application, store data in HttpSession
- String loginType = oaConf.getLoginType();
- Logger.debug("Login type: " + loginType);
- if (loginType.equals(OAConfiguration.LOGINTYPE_STATELESS)) {
- HttpSession session = req.getSession();
- int sessionTimeOut = oaParam.getSessionTimeOut();
- if (sessionTimeOut == 0)
- sessionTimeOut = 60 * 60; // default 1 h
- session.setMaxInactiveInterval(sessionTimeOut);
- session.setAttribute(ATT_PUBLIC_URLPREFIX, publicURLPrefix);
- session.setAttribute(ATT_REAL_URLPREFIX, realURLPrefix);
- session.setAttribute(ATT_SSL_SOCKET_FACTORY, ssf);
- session.setAttribute(ATT_LOGIN_HEADERS, loginHeaders);
- session.setAttribute(ATT_LOGIN_PARAMETERS, loginParameters);
- Logger.debug("moa-id-proxy: HTTPSession angelegt");
- }
-
- // tunnel request to the online application
- int respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf);
- if (respcode == 401)
- {
- Logger.debug("Got 401, trying again");
-
- respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf);
- if (respcode == 401)
- throw new ProxyException("proxy.12", new Object[] { realURLPrefix});
- }
- }
- catch (ProxyException ex) {
- throw new ProxyException("proxy.12", new Object[] { realURLPrefix});
- }
- catch (Throwable ex) {
- throw new ProxyException("proxy.04", new Object[] { urlRequested, ex.toString()}, ex);
- }
- }
-
- /**
- * Tunnels a request to the stateless online application using data stored in the HTTP session.
- * @param req HTTP request
- * @param resp HTTP response
- * @throws IOException if an I/O error occurs
- */
- private void tunnelRequest(HttpServletRequest req, HttpServletResponse resp) throws ProxyException, IOException {
-
- Logger.debug("Tunnel request (stateless)");
- HttpSession session = req.getSession(false);
- if (session == null)
- throw new ProxyException("proxy.07", null);
- String publicURLPrefix = (String) session.getAttribute(ATT_PUBLIC_URLPREFIX);
- String realURLPrefix = (String) session.getAttribute(ATT_REAL_URLPREFIX);
- SSLSocketFactory ssf = (SSLSocketFactory) session.getAttribute(ATT_SSL_SOCKET_FACTORY);
- Map loginHeaders = (Map) session.getAttribute(ATT_LOGIN_HEADERS);
- Map loginParameters = (Map) session.getAttribute(ATT_LOGIN_PARAMETERS);
- if (publicURLPrefix == null || realURLPrefix == null)
- throw new ProxyException("proxy.08", new Object[] { req.getRequestURL().toString()});
-
- int respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf);
- if (respcode == 401)
- {
- Logger.debug("Got 401, trying again");
- respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf);
- if (respcode == 401)
- throw new ProxyException("proxy.12", new Object[] { realURLPrefix});
- }
- }
-
-/**
- * Tunnels a request to the online application using given URL mapping and SSLSocketFactory.
- * This method returns the ResponseCode of the request to the online application.
- * @param req HTTP request
- * @param resp HTTP response
- * @param loginHeaders header field/values to be inserted for purposes of authentication;
- * may be <code>null</code>
- * @param loginParameters parameter name/values to be inserted for purposes of authentication;
- * may be <code>null</code>
- * @param publicURLPrefix prefix of request URL to be substituted for the <code>realURLPrefix</code>
- * @param realURLPrefix prefix of online application URL to substitute the <code>publicURLPrefix</code>
- * @param ssf SSLSocketFactory to use
- * @throws IOException if an I/O error occurs
- */
-private int tunnelRequest(HttpServletRequest req, HttpServletResponse resp, Map loginHeaders, Map loginParameters, String publicURLPrefix, String realURLPrefix, SSLSocketFactory ssf)
- throws IOException {
-
- // collect headers from request
- Map headers = new HashMap();
- for (Enumeration enum = req.getHeaderNames(); enum.hasMoreElements();) {
- String headerKey = (String) enum.nextElement();
- //We ignore any Basic-Auth-Headers from the client
- if (headerKey.equalsIgnoreCase("Authorization"))
- { Logger.debug("Ignoring authorization-header from browser: " +req.getHeader(headerKey) );
- }
- else
- headers.put(headerKey, req.getHeader(headerKey));
- }
- // collect login headers, possibly overwriting headers from request
- if (loginHeaders != null) {
- for (Iterator iter = loginHeaders.keySet().iterator(); iter.hasNext();) {
- String headerKey = (String) iter.next();
- headers.put(headerKey, loginHeaders.get(headerKey));
- }
- }
- // collect parameters from request
- Map parameters = new HashMap();
- for (Enumeration enum = req.getParameterNames(); enum.hasMoreElements();) {
- String paramName = (String) enum.nextElement();
- parameters.put(paramName, req.getParameter(paramName));
- }
- // collect login parameters, possibly overwriting parameters from request
- if (loginParameters != null) {
- for (Iterator iter = loginParameters.keySet().iterator(); iter.hasNext();) {
- String paramName = (String) iter.next();
- parameters.put(paramName, loginParameters.get(paramName));
- }
- }
-
- headers.remove("content-length");
- parameters.remove(PARAM_SAMLARTIFACT);
- parameters.remove(PARAM_TARGET);
-
- ConnectionBuilder cb = ConnectionBuilderFactory.getConnectionBuilder(publicURLPrefix);
- HttpURLConnection conn = cb.buildConnection(req, publicURLPrefix, realURLPrefix, ssf, parameters);
-
- //Set Cookies...
-
- String cookieString = CookieManager.getInstance().getCookie(req.getSession().getId());
- if (cookieString!=null)
- {
- //If we get Cookies from Client, we put them throgh if they dont exist/conflict with the stored Cookies
- for (Iterator iter = headers.keySet().iterator(); iter.hasNext();) {
- String headerKey = (String) iter.next();
- String headerValue = (String) headers.get(headerKey);
- if (headerKey.equalsIgnoreCase("Cookie"))
- CookieManager.getInstance().saveOldCookies(req.getSession().getId(), headerValue);
- }
- cookieString = CookieManager.getInstance().getCookie(req.getSession().getId());
- headers.put("cookie", cookieString);
- }
-
- // set headers as request properties of URLConnection
- for (Iterator iter = headers.keySet().iterator(); iter.hasNext();) {
- String headerKey = (String) iter.next();
- String headerValue = (String) headers.get(headerKey);
- conn.setRequestProperty(headerKey, headerValue);
- Logger.debug("Req header " + headerKey + ": " + headers.get(headerKey));
- if (Logger.isDebugEnabled() && isBasicAuthenticationHeader(headerKey, headerValue)) {
- String credentials = headerValue.substring(6);
- String userIDPassword = new String(Base64Utils.decode(credentials, false));
- Logger.debug(":UserID:Password: :" + userIDPassword + ":");
- }
- }
- // Write out parameters into output stream of URLConnection.
- // On GET request, do not send parameters in any case,
- // otherwise HttpURLConnection would send a POST.
- if (!"get".equalsIgnoreCase(req.getMethod()) && !parameters.isEmpty()) {
- boolean firstParam = true;
- StringWriter sb = new StringWriter();
- for (Iterator iter = parameters.keySet().iterator(); iter.hasNext();) {
- String paramname = (String) iter.next();
- String value = URLEncoder.encode((String) parameters.get(paramname));
- if (firstParam)
- firstParam = false;
- else
- sb.write("&");
- sb.write(paramname);
- sb.write("=");
- sb.write(value);
- Logger.debug("Req param " + paramname + ": " + value);
- }
- PrintWriter reqOut = new PrintWriter(conn.getOutputStream());
- reqOut.write(sb.toString());
- reqOut.flush();
- reqOut.close();
- }
- // connect
- conn.connect();
-
- // Read response status and content type.
- // If the connection returns a 401 disconnect and return
- // otherwise the attempt to read data from that connection
- // will result in an error
-
- if (conn.getResponseCode()==HttpURLConnection.HTTP_UNAUTHORIZED)
- {
- Logger.debug("Found 401... searching cookies");
- String headerKey;
-
- int i = 1;
- CookieManager cm = CookieManager.getInstance();
- while ((headerKey = conn.getHeaderFieldKey(i)) != null) {
- String headerValue = conn.getHeaderField(i);
- if (headerKey.equalsIgnoreCase("set-cookie"))
- { cm.saveCookie(req.getSession().getId(), headerValue);
- cm.add401(req.getSession().getId(),headerValue);
- Logger.debug("Cookie " + headerValue);
- Logger.debug("CookieSession " + req.getSession().getId());
- }
- i++;
- }
-
- conn.disconnect();
- return conn.getResponseCode();
- }
- resp.setStatus(conn.getResponseCode());
- resp.setContentType(conn.getContentType());
-
- // Read response headers
- // Omit response header "content-length" if response header "Transfer-encoding: chunked" is set.
- // Otherwise, the connection will not be kept alive, resulting in subsequent missing requests.
- // See JavaDoc of javax.servlet.http.HttpServlet:
- // When using HTTP 1.1 chunked encoding (which means that the response has a Transfer-Encoding header), do not set the Content-Length header.
- Map respHeaders = new HashMap();
- boolean chunked = false;
- String contentLengthKey = null;
- String transferEncodingKey = null;
- int i = 1;
- String headerKey;
- while ((headerKey = conn.getHeaderFieldKey(i)) != null) {
- String headerValue = conn.getHeaderField(i);
- respHeaders.put(headerKey, headerValue);
- if (isTransferEncodingChunkedHeader(headerKey, headerValue)) {
- chunked = true;
- transferEncodingKey = headerKey;
- }
- CookieManager cm = CookieManager.getInstance();
- if (headerKey.equalsIgnoreCase("set-cookie"))
- { cm.saveCookie(req.getSession().getId(), headerValue);
- Logger.debug("Cookie " + headerValue);
- Logger.debug("CookieSession " + req.getSession().getId());
- }
- if ("content-length".equalsIgnoreCase(headerKey))
- contentLengthKey = headerKey;
- Logger.debug("Resp header " + headerKey + ": " + headerValue);
- i++;
- }
- if (chunked && contentLengthKey != null) {
- respHeaders.remove(transferEncodingKey);
- Logger.debug("Resp header " + transferEncodingKey + " REMOVED");
- }
-
- //Get a Hash-Map of all 401-set-cookies
- HashMap cookies401 = CookieManager.getInstance().get401(req.getSession().getId());
-
- for (Iterator iter = respHeaders.keySet().iterator(); iter.hasNext();) {
- headerKey = (String) iter.next();
-
- if (headerKey.equalsIgnoreCase("Set-Cookie"))
- {
- String headerValue = (String) respHeaders.get(headerKey);
- Logger.debug("Found 'Set-Cookie' in ResponseHeaders: " + headerValue);
- if(!cookies401.containsKey(headerValue.substring(0, headerValue.indexOf("="))))
- {
- // If we dont already have a Set-Cookie-Value for THAT Cookie we create one...
- CookieManager.getInstance().add401(req.getSession().getId(), headerValue);
- }
- }
- }
-
- //write out all Responseheaders != "set-cookie"
- for (Iterator iter = respHeaders.keySet().iterator(); iter.hasNext();) {
- headerKey = (String) iter.next();
- if (!headerKey.equalsIgnoreCase("Set-Cookie"))
- resp.addHeader(headerKey, (String) respHeaders.get(headerKey));
- }
-
- //write out all Responseheaders = "set-cookie"
- cookies401 = CookieManager.getInstance().get401(req.getSession().getId());
- Iterator cookie_i = cookies401.values().iterator();
- while (cookie_i.hasNext()) {
- String element = (String) cookie_i.next();
- resp.addHeader("Set-Cookie", element);
- }
- //Delete all "Set-Cookie" - Values
- CookieManager.getInstance().clear401(req.getSession().getId());
-
- // read response stream
- Logger.debug("Resp from " + conn.getURL().toString() + ": status " + conn.getResponseCode());
- // Load content unless the server lets us know that the content is NOT MODIFIED...
- if (conn.getResponseCode()!=HttpURLConnection.HTTP_NOT_MODIFIED)
- {
- BufferedInputStream respIn = new BufferedInputStream(conn.getInputStream());
- Logger.debug("Got Inputstream");
- BufferedOutputStream respOut = new BufferedOutputStream(resp.getOutputStream());
- Logger.debug("Got Outputstream");
- int ch;
- while ((ch = respIn.read()) >= 0)
- respOut.write(ch);
- respOut.close();
- respIn.close();
- }
- else
- Logger.debug("Found 304 NOT MODIFIED...");
- conn.disconnect();
- Logger.debug("Request done");
-
-
- return conn.getResponseCode();
-}
-/**
- * Determines whether a HTTP header is a basic authentication header of the kind "Authorization: Basic ..."
- *
- * @param headerKey header name
- * @param headerValue header value
- * @return true for a basic authentication header
- */
-private boolean isBasicAuthenticationHeader(String headerKey, String headerValue) {
- if (!"authorization".equalsIgnoreCase(headerKey))
- return false;
- if (headerValue.length() < "basic".length())
- return false;
- String authenticationSchema = headerValue.substring(0, "basic".length());
- return "basic".equalsIgnoreCase(authenticationSchema);
-}
-/**
- * Determines whether a HTTP header is "Transfer-encoding" header with value containing "chunked"
- *
- * @param headerKey header name
- * @param headerValue header value
- * @return true for a "Transfer-encoding: chunked" header
- */
-private boolean isTransferEncodingChunkedHeader(String headerKey, String headerValue) {
- if (!"transfer-encoding".equalsIgnoreCase(headerKey))
- return false;
- return headerValue.indexOf("chunked") >= 0 || headerValue.indexOf("Chunked") >= 0 || headerValue.indexOf("CHUNKED") >= 0;
-}
-
-/**
- * Calls the web application initializer.
- *
- * @see javax.servlet.Servlet#init(ServletConfig)
- */
-public void init(ServletConfig servletConfig) throws ServletException {
- try {
- MOAIDProxyInitializer.initialize();
- Logger.info(MOAIDMessageProvider.getInstance().getMessage("proxy.00", null));
- }
- catch (Exception ex) {
- Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("proxy.06", null), ex);
- throw new ServletException(ex);
- }
-}
-/**
- * Handles an error in proxying the request.
- * <ul>
- * <li>Logs the error.</li>
- * <li>Outputs an HTML error page.</li>
- * </ul>
- * @param resp the HttpServletResponse
- * @param errorMessage error message to be used
- * @param ex the exception to be logged
- */
-private void handleError(HttpServletResponse resp, String errorMessage, Throwable ex) {
- Logger.error(errorMessage, ex);
- String htmlCode =
- "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">"
- + "<html><head><title>"
- + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null)
- + "</title></head><body>"
- + "<h1>"
- + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null)
- + "</h1>"
- + "<p>"
- + MOAIDMessageProvider.getInstance().getMessage("proxy.11", null)
- + "</p>"
- + "<p>"
- + errorMessage
- + "</p>"
- + "</body></html>";
- resp.setContentType("text/html");
- try {
- OutputStream respOut = resp.getOutputStream();
- respOut.write(htmlCode.getBytes());
- respOut.flush();
- }
- catch (IOException ioex) {
- Logger.error("", ioex);
- }
-}
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java b/id.server/src/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java
deleted file mode 100644
index 8967bdbba..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java
+++ /dev/null
@@ -1,213 +0,0 @@
-package at.gv.egovernment.moa.id.util;
-
-import java.io.BufferedWriter;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.PrintWriter;
-import java.net.Socket;
-import java.security.GeneralSecurityException;
-import java.util.Hashtable;
-
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-
-import org.apache.axis.components.net.BooleanHolder;
-import org.apache.axis.components.net.DefaultSocketFactory;
-import org.apache.axis.components.net.SecureSocketFactory;
-import org.apache.axis.components.net.TransportClientProperties;
-import org.apache.axis.components.net.TransportClientPropertiesFactory;
-import org.apache.axis.utils.Messages;
-import org.apache.axis.utils.XMLUtils;
-
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Secure socket factory for Axis webs service clients of the MOA-ID component,
- * which are the MOA-SP calls from MOA-ID Auth,
- * and the MOA-ID Auth calls from MOA-ID Proxy.
- * <br/>Use this initialization code:<br/>
- * <code> // ConnectionParameter connParam = ... get from ConfigurationProvider
- * AxisSecureSocketFactory.initialize(connParam);</code>
- * <br/>See the Apache Axis documentation on how to configure this class
- * as the default secure socket factory to be used by Axis.
- * <br/>
- * This code has been copied from <code>JSSESocketFactory</code>, the
- * method <code>initialize()</code> has been added.
- *
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AxisSecureSocketFactory
- extends DefaultSocketFactory implements SecureSocketFactory {
-
- /** Field sslFactory */
- private static SSLSocketFactory sslFactory;
-
- /**
- * Constructor for AxisSecureSocketFactory.
- * @param attributes ???
- */
- public AxisSecureSocketFactory(Hashtable attributes) {
- super(attributes);
- }
- /**
- * Initializes the factory by setting the connection parameters to be used for
- * setting the secure socket factory, and by setting the system property
- * <code>axis.socketSecureFactory</code>.
- * @param connParam <code>ConnectionParameter</code> to derive the
- * secure socket factory from
- */
- public static void initialize(SSLSocketFactory ssf)
- throws IOException, GeneralSecurityException {
-
- Logger.debug("Initialize AxisSecureSocketFactory");
- sslFactory = ssf;
- }
-
- /**
- * creates a secure socket
- *
- * @param host
- * @param port
- * @param otherHeaders
- * @param useFullURL
- *
- * @return Socket
- * @throws Exception
- */
- public Socket create(
- String host,
- int port,
- StringBuffer otherHeaders,
- BooleanHolder useFullURL)
- throws Exception {
- if (port == -1) {
- port = 443;
- }
-
- TransportClientProperties tcp =
- TransportClientPropertiesFactory.create("https");
-
- boolean hostInNonProxyList =
- isHostInNonProxyList(host, tcp.getNonProxyHosts());
-
- Socket sslSocket = null;
- if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) {
- // direct SSL connection
- sslSocket = sslFactory.createSocket(host, port);
- }
- else {
-
- // Default proxy port is 80, even for https
- int tunnelPort =
- (tcp.getProxyPort().length() != 0)
- ? Integer.parseInt(tcp.getProxyPort())
- : 80;
- if (tunnelPort < 0)
- tunnelPort = 80;
-
- // Create the regular socket connection to the proxy
- Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort);
-
- // The tunnel handshake method (condensed and made reflexive)
- OutputStream tunnelOutputStream = tunnel.getOutputStream();
- PrintWriter out =
- new PrintWriter(
- new BufferedWriter(new OutputStreamWriter(tunnelOutputStream)));
-
- // More secure version... engage later?
- // PasswordAuthentication pa =
- // Authenticator.requestPasswordAuthentication(
- // InetAddress.getByName(tunnelHost),
- // tunnelPort, "SOCK", "Proxy","HTTP");
- // if(pa == null){
- // printDebug("No Authenticator set.");
- // }else{
- // printDebug("Using Authenticator.");
- // tunnelUser = pa.getUserName();
- // tunnelPassword = new String(pa.getPassword());
- // }
- out.print(
- "CONNECT "
- + host
- + ":"
- + port
- + " HTTP/1.0\r\n"
- + "User-Agent: AxisClient");
- if (tcp.getProxyUser().length() != 0
- && tcp.getProxyPassword().length() != 0) {
-
- // add basic authentication header for the proxy
- String encodedPassword =
- XMLUtils.base64encode(
- (tcp.getProxyUser() + ":" + tcp.getProxyPassword()).getBytes());
-
- out.print("\nProxy-Authorization: Basic " + encodedPassword);
- }
- out.print("\nContent-Length: 0");
- out.print("\nPragma: no-cache");
- out.print("\r\n\r\n");
- out.flush();
- InputStream tunnelInputStream = tunnel.getInputStream();
-
- if (log.isDebugEnabled()) {
- log.debug(
- Messages.getMessage(
- "isNull00",
- "tunnelInputStream",
- "" + (tunnelInputStream == null)));
- }
- String replyStr = "";
-
- // Make sure to read all the response from the proxy to prevent SSL negotiation failure
- // Response message terminated by two sequential newlines
- int newlinesSeen = 0;
- boolean headerDone = false; /* Done on first newline */
-
- while (newlinesSeen < 2) {
- int i = tunnelInputStream.read();
-
- if (i < 0) {
- throw new IOException("Unexpected EOF from proxy");
- }
- if (i == '\n') {
- headerDone = true;
- ++newlinesSeen;
- }
- else if (i != '\r') {
- newlinesSeen = 0;
- if (!headerDone) {
- replyStr += String.valueOf((char) i);
- }
- }
- }
- if (!replyStr.startsWith("HTTP/1.0 200")
- && !replyStr.startsWith("HTTP/1.1 200")) {
- throw new IOException(
- Messages.getMessage(
- "cantTunnel00",
- new String[] { tcp.getProxyHost(), "" + tunnelPort, replyStr }));
- }
-
- // End of condensed reflective tunnel handshake method
- sslSocket = sslFactory.createSocket(tunnel, host, port, true);
- if (log.isDebugEnabled()) {
- log.debug(
- Messages.getMessage(
- "setupTunnel00",
- tcp.getProxyHost(),
- "" + tunnelPort));
- }
- }
-
- ((SSLSocket) sslSocket).startHandshake();
- if (log.isDebugEnabled()) {
- log.debug(Messages.getMessage("createdSSL00"));
- }
- return sslSocket;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java b/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java
deleted file mode 100644
index d31aa6ec1..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java
+++ /dev/null
@@ -1,58 +0,0 @@
-package at.gv.egovernment.moa.id.util;
-
-import java.util.Locale;
-
-import at.gv.egovernment.moa.util.Messages;
-
-/**
- * A singleton wrapper around a <code>Message</code> object, providing the messages used in MOA-ID.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDMessageProvider {
-
- /** DEFAULT_MESSAGE_RESOURCES are resources/properties/id_messages */
- private static final String[] DEFAULT_MESSAGE_RESOURCES =
- { "resources/properties/id_messages" };
- /** DEFAULT_MESSAGE_LOCALES are "de", "AT" */
- private static final Locale[] DEFAULT_MESSAGE_LOCALES =
- new Locale[] { new Locale("de", "AT") };
- /** The instance for our singleton */
- private static MOAIDMessageProvider instance;
- /** The Messages */
- private Messages messages;
-
- /**
- * Returns the single instance of <code>MOAIDMessageProvider</code>.
- *
- * @return the single instance of <code>MOAIDMessageProvider</code>
- */
- public static MOAIDMessageProvider getInstance() {
- if (instance == null)
- instance = new MOAIDMessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES);
- return instance;
- }
-
- /**
- * Create a <code>MOAIDMessageProvider</code>.
- *
- * @param resourceNames The names of the resources containing the messages.
- * @param locales The corresponding locales.
- */
- protected MOAIDMessageProvider(String[] resourceNames, Locale[] locales) {
- this.messages = new Messages(resourceNames, locales);
- }
-
- /**
- * Get the message corresponding to a given message ID.
- *
- * @param messageId The ID of the message.
- * @param parameters The parameters to fill in into the message arguments.
- * @return The formatted message.
- */
- public String getMessage(String messageId, Object[] parameters) {
- return messages.getMessage(messageId, parameters);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/Random.java b/id.server/src/at/gv/egovernment/moa/id/util/Random.java
deleted file mode 100644
index da75b4213..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/Random.java
+++ /dev/null
@@ -1,22 +0,0 @@
-package at.gv.egovernment.moa.id.util;
-
-import java.util.Date;
-
-/**
- * Random number generator used to generate ID's
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class Random {
-
- /** random number generator used */
- private static java.util.Random random = new java.util.Random(new Date().getTime());
- /**
- * Creates a new random number, to be used as an ID.
- *
- * @return random long as a String
- */
- public static String nextRandom() {
- return "" + random.nextLong();
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java
deleted file mode 100644
index e0739d941..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java
+++ /dev/null
@@ -1,160 +0,0 @@
-package at.gv.egovernment.moa.id.util;
-
-import iaik.pki.PKIConfiguration;
-import iaik.pki.PKIException;
-import iaik.pki.PKIFactory;
-import iaik.pki.PKIProfile;
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-import java.io.BufferedInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.Security;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.iaik.config.PKIConfigurationImpl;
-import at.gv.egovernment.moa.id.iaik.pki.PKIProfileImpl;
-import at.gv.egovernment.moa.id.iaik.pki.jsse.MOAIDTrustManager;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.StreamUtils;
-
-import com.sun.net.ssl.HttpsURLConnection;
-import com.sun.net.ssl.KeyManager;
-import com.sun.net.ssl.SSLContext;
-import com.sun.net.ssl.TrustManager;
-
-/**
- * Utility for a obtaining a secure socket factory using <code>IAIKX509TrustManager</code>.
- * This <code>TrustManager</code> implementation features CRL checking.<br/>
- * <code>SSLUtils</code> caches secure socket factories for given <code>ConnectionParameter</code>s.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SSLUtils {
-
- /** SSLSocketFactory store, mapping URL->SSLSocketFactory **/
- private static Map sslSocketFactories = new HashMap();
-
- /**
- * Initializes the SSLSocketFactory store.
- */
- public static void initialize() {
- sslSocketFactories = new HashMap();
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
- }
-
- /**
- * Creates an <code>SSLSocketFactory</code> which utilizes an
- * <code>IAIKX509TrustManager</code> for the given trust store,
- * and the given key store.
- *
- * @param conf configuration provider providing a generic properties pointing
- * to trusted CA store and certificate store root
- * @param connParam connection parameter containing the client key store settings
- * to be used in case of client authentication;
- * if <code>connParam.getClientKeyStore() == null</code>, client authentication
- * is assumed to be disabled
- * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code>
- * @throws IOException thrown while reading key store file
- * @throws GeneralSecurityException thrown while creating the socket factory
- * @throws ConfigurationException on invalid configuration data
- * @throws PKIException while initializing the <code>IAIKX509TrustManager</code>
- */
- public static SSLSocketFactory getSSLSocketFactory(
- ConfigurationProvider conf,
- ConnectionParameter connParam)
- throws IOException, GeneralSecurityException, ConfigurationException, PKIException {
-
- Logger.debug("Get SSLSocketFactory for " + connParam.getUrl());
- // retrieve SSLSocketFactory if already created
- SSLSocketFactory ssf = (SSLSocketFactory)sslSocketFactories.get(connParam.getUrl());
- if (ssf != null)
- return ssf;
- // else create new SSLSocketFactory
- String trustStoreURL = conf.getTrustedCACertificates();
- if (trustStoreURL == null)
- throw new ConfigurationException(
- "config.08", new Object[] {"TrustedCACertificates"});
- String acceptedServerCertURL = connParam.getAcceptedServerCertificates();
- TrustManager[] tms = getTrustManagers(conf, trustStoreURL, acceptedServerCertURL);
- KeyManager[] kms = at.gv.egovernment.moa.util.SSLUtils.getKeyManagers(
- "pkcs12", connParam.getClientKeyStore(), connParam.getClientKeyStorePassword());
- SSLContext ctx = SSLContext.getInstance("TLS");
- ctx.init(kms, tms, null);
- ssf = ctx.getSocketFactory();
- // store SSLSocketFactory
- sslSocketFactories.put(connParam.getUrl(), ssf);
- return ssf;
- }
-
- /**
- * Initializes an <code>IAIKX509TrustManager</code> for a given trust store,
- * using configuration data.
- *
- * @param conf MOA-ID configuration provider
- * @param trustStoreURL trust store URL
- * @param acceptedServerCertURL file URL pointing to directory containing accepted server SSL certificates
- * @return <code>TrustManager</code> array containing the <code>IAIKX509TrustManager</code>
- * @throws ConfigurationException on invalid configuration data
- * @throws IOException on data-reading problems
- * @throws PKIException while initializing the <code>IAIKX509TrustManager</code>
- */
- public static TrustManager[] getTrustManagers(
- ConfigurationProvider conf, String trustStoreURL, String acceptedServerCertURL)
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
-
- PKIConfiguration cfg = null;
- if (! PKIFactory.getInstance().isAlreadyConfigured())
- cfg = new PKIConfigurationImpl(conf);
- String boolString = conf.getGenericConfigurationParameter(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING);
- //not using BoolUtils because default value hast to be true!
- boolean checkRevocation = !("false".equals(boolString) || "0".equals(boolString));
- //TODO RS verify SSL Revocation handling
- PKIProfile profile = new PKIProfileImpl(trustStoreURL, checkRevocation);
- // This call fixes a bug occuring when PKIConfiguration is
- // initialized by the MOA-SP initialization code, in case
- // MOA-SP is called by API
- MOAIDTrustManager.initializeLoggingContext();
- IAIKX509TrustManager tm = new MOAIDTrustManager(acceptedServerCertURL);
- tm.init(cfg, profile);
- return new TrustManager[] {tm};
- }
- /**
- * Reads a file, given by URL, into a byte array,
- * securing the connection by IAIKX509TrustManager.
- * @param connParam containing URL and accepted server certificates
- * @param conf ConfigurationProvider for reading
- * @return file content
- * @throws ConfigurationException on invalid configuration data
- * @throws PKIException on invalid configuration data
- * @throws IOException on data-reading problems
- * @throws GeneralSecurityException on security issues
- */
- public static byte[] readHttpsURL(ConfigurationProvider conf, ConnectionParameter connParam)
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
-
- URL url = new URL(connParam.getUrl());
- HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
- conn.setRequestMethod("GET");
- conn.setDoInput(true);
- SSLSocketFactory sslSocketFactory = getSSLSocketFactory(conf, connParam);
- conn.setSSLSocketFactory(sslSocketFactory);
- conn.connect();
- InputStream in = new BufferedInputStream(conn.getInputStream());
- byte[] content = StreamUtils.readStream(in);
- in.close();
- conn.disconnect();
- return content;
- }
-
-}
diff --git a/id.server/src/test/MOAIDTestCase.java b/id.server/src/test/MOAIDTestCase.java
deleted file mode 100644
index 725fa1386..000000000
--- a/id.server/src/test/MOAIDTestCase.java
+++ /dev/null
@@ -1,203 +0,0 @@
-package test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import javax.xml.transform.TransformerException;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.StreamUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-import iaik.ixsil.algorithms.Transform;
-import iaik.ixsil.algorithms.TransformImplExclusiveCanonicalXML;
-import iaik.ixsil.exceptions.AlgorithmException;
-import iaik.ixsil.exceptions.InitException;
-import iaik.ixsil.exceptions.URIException;
-import iaik.ixsil.init.IXSILInit;
-import iaik.ixsil.util.URI;
-import test.at.gv.egovernment.moa.MOATestCase;
-
-/*
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDTestCase extends MOATestCase implements Constants {
-
- public static final String XML_DECL =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>";
- protected static final String nl = "\n";
-
- public MOAIDTestCase(String name) {
- super(name);
- }
-
- protected void initIxsil() throws InitException, URIException {
- IXSILInit.init(new URI("init/properties/init.properties"));
- // Switch on debug information
- IXSILInit.setPrintDebugLog(true);
- }
- //STRING <==> STRING
- protected void assertXmlEquals(String xml1, String xml2)
- throws AlgorithmException, IOException, InitException, URIException{
- initIxsil();
- String canXml1 = canonicalTransform(xml1);
- String canXml2 = canonicalTransform(xml2);
- assertEquals(canXml1, canXml2); }
- // ELEMENT <==> ELEMENT
- protected void assertXmlEquals(Element xml1, Element xml2)
- throws AlgorithmException, IOException, InitException , URIException, TransformerException{
- initIxsil();
- assertEquals(canonicalTransform(DOMUtils.serializeNode(xml1)),canonicalTransform(DOMUtils.serializeNode(xml2)));
- }
- // INPUTSTREAM <==> INPUTSTREAM
- protected void assertXmlEquals(InputStream xml1, InputStream xml2)
- throws AlgorithmException, IOException, InitException , URIException{
- initIxsil();
- assertEquals(canonicalTransform(xml1),canonicalTransform(xml2));
- }
- // ELEMENT <==> STRING
- protected void assertXmlEquals(Element xml1, String xml2)
- throws AlgorithmException, IOException, InitException , URIException, TransformerException {
- initIxsil();
- assertEquals(canonicalTransform(xml1),canonicalTransform(xml2));
- }
- // ELEMENT <==> INPUTSTREAM
- protected void assertXmlEquals(Element xml1, InputStream xml2)
- throws AlgorithmException, IOException, InitException , URIException, TransformerException{
- initIxsil();
- assertEquals(canonicalTransform(xml1),canonicalTransform(xml2));
- }
- // STRING <==> INPUTSTREAM
- protected void assertXmlEquals(String xml1, InputStream xml2)
- throws AlgorithmException, IOException, InitException , URIException{
- initIxsil();
- assertEquals(canonicalTransform(xml1),canonicalTransform(xml2));
- }
-
- /**
- * Method canonicalTransform.
- * @param input as STRING
- * @return String
- */
- protected String canonicalTransform(String input)
- throws AlgorithmException, IOException {
-
- Transform tr = new TransformImplExclusiveCanonicalXML();
- InputStream s = new ByteArrayInputStream(input.getBytes("UTF-8"));
- tr.setInput(s, null);
- ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform();
- return killWhiteSpace(readString(transResult));
- }
- /**
- * Method canonicalTransform.
- * @param input as Element
- * @return String
- */
- protected String canonicalTransform(Element input)
- throws AlgorithmException, IOException {
-
- Transform tr = new TransformImplExclusiveCanonicalXML();
- tr.setInput(XPathUtils.selectNodeList(input, XPathUtils.ALL_NODES_XPATH), null);
- ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform();
-
- return killWhiteSpace(readString(transResult));
- }
-
- /**
- * Method canonicalTransform.
- * @param input as InputStream
- * @return String
- */
- protected String canonicalTransform(InputStream input)
- throws AlgorithmException, IOException {
-
- Transform tr = new TransformImplExclusiveCanonicalXML(); tr.setInput(input, null);
- ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform();
-
- return killWhiteSpace(readString(transResult));
- }
-
- public static String killWhiteSpace(String input)
- {
- int start=0;
- int ende;
- String result;
- String middle;
- result = input;
- do {
- start = result.indexOf(">", start);
- ende = result.indexOf("<", start);
- middle = result.substring(start+1,ende).trim();
- result = result.substring(0,start+1) +middle + result.substring(ende,result.length());
- start++;
- } while (result.indexOf("<", ende + 1)>0);
-
- return result;
- }
-
- /**
- * Method killExclusive.: The values startsWith and endsWith will be included into the answer.
- * @param input
- * @param startsWith
- * @param endsWith
- * @param newValue
- * @return String
- */
- public static String killExclusive(String input, String startsWith, String endsWith, String newValue)
- {
- int start=0;
- int ende;
- String result;
- result = input;
- do {
- start = result.indexOf(startsWith, start) + startsWith.length();
- ende = result.indexOf(endsWith, start);
- result = result.substring(0,start) + newValue + result.substring(ende,result.length());
- start++;
- } while (result.indexOf(startsWith, ende + 1)>0);
-
- return result;
- }
-
- /**
- * Method killInclusive. : The values startsWith and endsWith will NOT be included into the answer.
- * @param input
- * @param startsWith
- * @param endsWith
- * @param newValue
- * @return String
- */
- public static String killInclusive(String input, String startsWith, String endsWith, String newValue)
- {
- int start=0;
- int ende;
- String result;
- result = input;
- do {
- start = result.indexOf(startsWith, start) + startsWith.length();
- ende = result.indexOf(endsWith, start);
- result = result.substring(0,start - startsWith.length() ) + newValue + result.substring(ende + endsWith.length(),result.length());
- start++;
- } while (result.indexOf(startsWith, ende + 1)>0);
-
- return result;
- }
-
- protected String readFile(String filename) throws IOException {
- return readFile(filename, "UTF-8");
- }
- protected String readFile(String filename, String encoding) throws IOException {
- return FileUtils.readFile(filename, encoding);
- }
- protected String readString(InputStream input) throws IOException
- {
- return StreamUtils.readStream(input, "UTF-8");
- }
-
-}
diff --git a/id.server/src/test/abnahme/A/Test100StartAuthentication.java b/id.server/src/test/abnahme/A/Test100StartAuthentication.java
deleted file mode 100644
index 0d72691aa..000000000
--- a/id.server/src/test/abnahme/A/Test100StartAuthentication.java
+++ /dev/null
@@ -1,171 +0,0 @@
-package test.abnahme.A;
-
-import test.abnahme.AbnahmeTestCase;
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class Test100StartAuthentication extends AbnahmeTestCase {
-
- public Test100StartAuthentication(String name) {
- super(name);
- }
-
- public void testA101() throws Exception {
- try {
- String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", //target
- "http://localhost:9080/", //oaURL
- "file:" + findXmldata("AuthTemplate.html"),
- "http://localhost:3495/http-security-layer-request",
- null);
- htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
- //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
- assertEquals(readXmldata("htmlForm.html"),htmlForm);
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA102() throws Exception {
- try {
- String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", //target
- "http://localhost:9080/", //oaURL
- null,
- "http://localhost:3495/http-security-layer-request", null);
- htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
- //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
- assertEquals(readXmldata("htmlForm.html"),htmlForm);
-
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA103() throws Exception {
- try {
- String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", //target
- "http://localhost:9080/", //oaURL
- "file:" + findXmldata("AuthTemplate.html"),
- null,
- null);
- htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
- //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
- assertEquals(readXmldata("htmlForm.html"),htmlForm);
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA151() throws Exception {
- try {
- try {
- server.startAuthentication(null, //authURL
- "gb", //target
- "http://localhost:9080/", //oaURL
- null, null, null);
- //assertEquals("",htmlForm);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (WrongParametersException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA152() throws Exception {
- try {
- try {
- server.startAuthentication("http://localhost:8080/auth", //authURL
- "gb", "http://localhost:9080/", //oaURL
- null, null, null);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA153() throws Exception {
- try {
- try {
- server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", "http://host_not_in_config/", //oaURL
- null, null, null);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA154() throws Exception {
- try {
- try {
- server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", null, //oaURL
- null, null, null);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (WrongParametersException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA155() throws Exception {
- try {
- try {
- server.startAuthentication("https://localhost:8443/auth", //authURL
- null, "http://localhost:9080/", //oaURL
- null, null, null);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (WrongParametersException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- //assertEquals("",htmlForm);
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
-}
diff --git a/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java b/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java
deleted file mode 100644
index ed4410521..000000000
--- a/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java
+++ /dev/null
@@ -1,336 +0,0 @@
-package test.abnahme.A;
-
-import org.w3c.dom.Element;
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class Test200VerifyIdentityLink extends AbnahmeTestCase {
-
- public Test200VerifyIdentityLink(String name) {
- super(name);
- }
-
- public void testA201() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
-
- String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse);
-
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
-
- VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK);
-
- /*
- * HINWEIS: clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur
- * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese
- * Method hier verwendbar
- */
-
- assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest));
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
-
- }
- public void testA251() throws Exception {
- try {
- startAuthentication();
- String sessionID = "0";
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA252() throws Exception {
- try {
- String sessionID = startAuthentication();
-
- server.setSecondsSessionTimeOut(-100);
- server.cleanup();
- server.setSecondsSessionTimeOut(1000);
-
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA253() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA254() throws Exception {
- try {
- String sessionID = startAuthentication();
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA255() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- }
- catch (ParseException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA256() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA257() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
-
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA258() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA259() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA260() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA261() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
-
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA262() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink();
- // System.out.println(infoboxReadResponse);
-
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA263() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
-
- VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
-
- // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse);
- // System.out.println(createXMLSignatureRequest);
- // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml");
- // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- try {
- VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), new String[] { "CN=TEST,OU=TEST,O=TEST,C=AT" }, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-}
diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
deleted file mode 100644
index d9e69eba4..000000000
--- a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
+++ /dev/null
@@ -1,597 +0,0 @@
-package test.abnahme.A;
-
-import java.util.Calendar;
-
-import org.w3c.dom.Element;
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VPKBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-
-public class Test300VerifyAuthBlock extends AbnahmeTestCase {
-
- public Test300VerifyAuthBlock(String name) {
- super(name);
- }
-
- public void testA301() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- //authDataWriter(authData,this.getName()+"new.xml");
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA302() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- //authDataWriter(authData,this.getName()+"new.xml");
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA303() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA304() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA305() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA306() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA307() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA308() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
-
- }
-
- public void testA309() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA310() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA311() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA351() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // nicht existierende Session....
- try {
- server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA352() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- server.setSecondsSessionTimeOut(-100);
- server.cleanup();
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // abgelaufene Session....
- server.setSecondsSessionTimeOut(1000);
- try {
- server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA353() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
-
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // Session for VerifyIdentityLink-Aufruf
- try {
-
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- fail();
- }
- //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData
- // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL...
- catch (NullPointerException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA354() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // nicht existierende Session....
-
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- try {
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA355() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ParseException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA356() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ParseException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA357() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA358() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA359() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA360() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA361() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA362() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA363() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA364() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
-
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- /* public void testA365() throws Exception {
- String sessionID = startAuthentication();
- try {
- // wegen sinnlosigkeit gestrichen
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }*/
-
- public void testA366() throws Exception {
-
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }
- public void testA367() throws Exception {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }
-
-
- private AuthenticationData initServer(String sessionID) throws Exception {
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
- // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
- String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- AuthenticationData authData = server.getAuthenticationData(samlArtifact);
- return authData;
- }
-
- private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception {
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
- // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
-
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
- // parses <CreateXMLSignatureResponse>
- CreateXMLSignatureResponse csresp =
- new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse();
- // validates <CreateXMLSignatureResponse>
- new CreateXMLSignatureResponseValidator().validate(csresp, session.getTarget(), session.getPublicOAURLPrefix());
- // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
- String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
- String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
- Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid);
- // invokes the call
- Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq);
- // parses the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData();
- // validates the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK);
- // compares the public keys from the identityLink with the AuthBlock
-
- // builds authentication data and stores it together with a SAML artifact
- AuthenticationData authData = buildAuthenticationData(session, vsresp);
- return authData;
- }
- private AuthenticationData buildAuthenticationData(
- AuthenticationSession session,
- VerifyXMLSignatureResponse verifyXMLSigResp)
- throws ConfigurationException, BuildException {
-
- IdentityLink identityLink = session.getIdentityLink();
- AuthenticationData authData = new AuthenticationData();
- authData.setMajorVersion(1);
- authData.setMinorVersion(0);
- authData.setAssertionID(Random.nextRandom());
- authData.setIssuer(session.getAuthURL());
- authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance()));
- String vpkBase64 = new VPKBuilder().buildVPK(
- identityLink.getIdentificationValue(), identityLink.getDateOfBirth(), session.getTarget());
- authData.setVPK(vpkBase64);
- authData.setGivenName(identityLink.getGivenName());
- authData.setFamilyName(identityLink.getFamilyName());
- authData.setDateOfBirth(identityLink.getDateOfBirth());
- authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate());
- authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
- authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode());
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
- session.getPublicOAURLPrefix());
- String prPerson = new PersonDataBuilder().build(
- identityLink, oaParam.getProvideZMRZahl());
-
- try {
- String ilAssertion =
- oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : "";
- String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : "";
- String samlAssertion = new AuthenticationDataAssertionBuilder().build(
- authData, prPerson, authBlock, ilAssertion);
- authData.setSamlAssertion(samlAssertion);
- return authData;
- }
- catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] { "AuthenticationData", ex.getMessage() },
- ex);
- }
- }
-}
diff --git a/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java b/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java
deleted file mode 100644
index b05e2b92c..000000000
--- a/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java
+++ /dev/null
@@ -1,129 +0,0 @@
-package test.abnahme.A;
-
-import org.w3c.dom.Element;
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class Test400GetAuthenticationData extends AbnahmeTestCase {
-
- private String samlArtifact;
-
- public Test400GetAuthenticationData(String name) {
- super(name);
- }
-
- protected void setUp() throws Exception {
- super.setUp();
- String sessionID = startAuthentication();
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
- CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(), "gb", "https://localhost:9443/");
- samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- }
-
- public void testA401() throws Exception {
- try {
-
- AuthenticationData authData = server.getAuthenticationData(samlArtifact);
-// authDataWriter(authData,"NEWA401");
- assertXmlEquals(clearSamlAssertion(authData.getSamlAssertion()), readXmldata("AuthenticationData.xml"));
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA451() throws Exception {
- try {
- try {
- AuthenticationData authData = server.getAuthenticationData("AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi");
- authDataWriter(authData, "A45");
- if (authData != null)
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA452() throws Exception {
- try {
- server.getAuthenticationData(samlArtifact);
- try {
- server.getAuthenticationData(samlArtifact);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA453() throws Exception {
- try {
- server.setSecondsAuthDataTimeOut(-1000);
- server.cleanup();
- try {
- server.getAuthenticationData(samlArtifact);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA454() throws Exception {
- try {
- try {
- server.getAuthenticationData("blabla123");
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
-}
diff --git a/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java b/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java
deleted file mode 100644
index f4f37a871..000000000
--- a/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java
+++ /dev/null
@@ -1,305 +0,0 @@
-package test.abnahme.A;
-
-import java.io.OutputStream;
-import java.net.URL;
-import java.security.Security;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.util.StreamUtils;
-import at.gv.egovernment.moa.util.URLEncoder;
-
-import com.sun.net.ssl.HostnameVerifier;
-import com.sun.net.ssl.HttpsURLConnection;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class Test500StartAuthenticationServlet extends AbnahmeTestCase {
-
- private String testdataRoot = TESTDATA_ROOT + "xmldata/standard/";
- SSLSocketFactory ssf;
- public Test500StartAuthenticationServlet(String name) {
- super(name);
- }
- protected void setUp() throws Exception {
- super.setUp();
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
- System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore");
- System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
- }
-
- public void testA501() throws Exception {
- //NUR einmal für alle folgenden Testfälle
- //----------------------------------------
-
- //----------------------------------------
-
- try {
- String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
- HttpsURLConnection conn = giveConnection(targetURL, "GET");
- conn.connect();
- int resultCode = conn.getResponseCode();
- String contentType = conn.getHeaderField("Content-Type");
- if (resultCode != 200)
- fail("Wrong HTTP-Code");
- if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
- fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
- conn.disconnect();
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA502() throws Exception {
- try {
- String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
- HttpsURLConnection conn = giveConnection(URL, "GET");
- conn.connect();
- int resultCode = conn.getResponseCode();
- String contentType = conn.getHeaderField("Content-Type");
- if (resultCode != 200)
- fail("Wrong HTTP-Code: expected '200' and was '" + resultCode + "'");
- if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
- fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
-
- conn.disconnect();
-
- URL = parseDataURL(result);
- conn = giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
-
- String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
- System.out.println("File gelesen, Daten in Outputstream einpflegen");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes("UTF-8"));
- out.flush();
- out.close();
-
- System.out.println("Verbinden zu " + URL);
- conn.connect();
- resultCode = conn.getResponseCode();
- System.out.println("resultCode :" + resultCode);
- String redirectLoc = conn.getHeaderField("Location");
- System.out.println("redirectLoc :" + redirectLoc);
- // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein!
- if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc))
- fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location"));
- if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml"))
- fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type"));
- conn.disconnect();
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA503() throws Exception {
- try {
- String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
- HttpsURLConnection conn = giveConnection(URL, "GET");
- conn.connect();
-
- assertEquals(200,conn.getResponseCode());
- if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
- fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- URL = parseDataURL(result);
-
- conn.disconnect();
- conn = giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
- String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
- out.flush();
- out.close();
- conn.connect();
- String redirectLoc = conn.getHeaderField("Location");
- // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein!
- if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc))
- fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location"));
- if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml"))
- fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type"));
- conn.disconnect();
-
- conn = giveConnection(redirectLoc, "POST");
- System.out.println("Redirect Location: " + redirectLoc);
- String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
- out = conn.getOutputStream();
- out.write(("XMLResponse=" +createXMLSignatureResponse).getBytes());
- out.flush();
- out.close();
-
- System.out.println("Sending Data to " + redirectLoc);
- conn.connect();
-
- redirectLoc = conn.getHeaderField("Location");
- System.out.println("redirectLoc: " + redirectLoc);
- /* RandomAccessFile raf = new RandomAccessFile("C://503.xml", "rw");
- raf.write(StreamUtils.readStream(conn.getInputStream()));
- raf.close();*/
- conn.disconnect();
- assertEquals(302, conn.getResponseCode());
- assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact="));
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA551() throws Exception {
- try {
- String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "");
- HttpsURLConnection conn = giveConnection(targetURL, "GET");
- conn.connect();
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- assertTrue(result.indexOf("Die Angabe der Parameter ist unvollst&auml;ndig") >= 0);
- conn.disconnect();
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Die Angabe der Parameter ist unvollständig.\n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA552() throws Exception {
- try {
- String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
- HttpsURLConnection conn = giveConnection(URL, "GET");
- conn.connect();
- int resultCode = conn.getResponseCode();
- assertEquals(200, resultCode);
- if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
- fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
- conn.disconnect();
- URL = "https://localhost:8443/moa-id-auth/" + "VerifyIdentityLink?MOASessionID=0000";
- conn = giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
-
- String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
- out.flush();
- out.close();
-
- conn.connect();
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0);
- System.out.println("Fehler in testA552 erfolgreich abgefangen: MOASessionID ist unbekannt");
- conn.disconnect();
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA553() throws Exception {
- try {
- String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
- HttpsURLConnection conn = giveConnection(URL, "GET");
- conn.connect();
- int resultCode = conn.getResponseCode();
- assertEquals(200,resultCode);
- if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
- fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- String MOASessionID = parseSessionIDFromForm(result);
- URL = parseDataURL(result);
- conn.disconnect();
-
- conn = giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
-
- String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
- out.flush();
- out.close();
- conn.connect();
- result = new String(StreamUtils.readStream(conn.getInputStream()));
- String redirectLoc = conn.getHeaderField("Location");
- // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein!
- if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc))
- fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location"));
- if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml"))
- fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type"));
- conn.disconnect();
- conn = giveConnection(redirectLoc + "XXX", "POST");
- System.out.println("Redirect Location: " + redirectLoc + "XXX");
- String createXMLSignatureResponse = "XMLResponse=" + URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
-
- out = conn.getOutputStream();
- out.write(new String("MOASessionID=" + MOASessionID + "&").getBytes());
- out.write(createXMLSignatureResponse.getBytes("UTF-8"));
- out.flush();
- out.close();
- System.out.println("Sending Data to " + redirectLoc);
- conn.connect();
- resultCode = conn.getResponseCode();
-
- result = new String(StreamUtils.readStream(conn.getInputStream()));
- conn.disconnect();
- assertEquals(200, resultCode);
- assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0);
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- private String parseDataURL(String input) {
- String ret = getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\"");
- return ret;
- }
-
- private String getSubString(String input, String startsWith, String endsWith) {
- return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length()));
- }
- private String getURL(String authURL, String target, String oaURL) {
- return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL;
- }
- private String parseSessionIDFromForm(String htmlForm) {
- String parName = "MOASessionID=";
- assertTrue("HTML Form enthält keine SessionID", htmlForm.indexOf(parName) >= 0);
- int i1 = htmlForm.indexOf(parName) + parName.length();
- int i2 = htmlForm.indexOf("\"", i1);
- assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1);
- return htmlForm.substring(i1, i2);
- }
-
- private class HostnameVerifierHack implements HostnameVerifier {
- public boolean verify(String arg0, String arg1) {
- return true;
- }
- }
- private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception {
- URL url = new URL(targetURL);
- HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
- conn.setRequestMethod(requestMethod);
- conn.setDoInput(true);
- conn.setDoOutput(true);
- conn.setUseCaches(false);
- conn.setAllowUserInteraction(false);
- conn.setHostnameVerifier(new HostnameVerifierHack());
- return conn;
- }
-
-}
\ No newline at end of file
diff --git a/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java b/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java
deleted file mode 100644
index b44852346..000000000
--- a/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java
+++ /dev/null
@@ -1,281 +0,0 @@
-package test.abnahme.A;
-
-import java.io.OutputStream;
-import java.net.URL;
-import java.security.Security;
-import java.util.Calendar;
-import java.util.Vector;
-
-import javax.xml.namespace.QName;
-import javax.xml.rpc.Call;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.ServiceFactory;
-
-import org.apache.axis.message.SOAPBodyElement;
-import org.w3c.dom.Element;
-
-import com.sun.net.ssl.HostnameVerifier;
-import com.sun.net.ssl.HttpsURLConnection;
-
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.StreamUtils;
-import at.gv.egovernment.moa.util.URLDecoder;
-import at.gv.egovernment.moa.util.URLEncoder;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class Test600GetAuthenticationDataService extends AbnahmeTestCase {
-
- private String moaSessionID;
- private String samlArtifact;
- private static final QName SERVICE_QNAME = new QName("SignatureCreation");
-
- public Test600GetAuthenticationDataService(String name) {
- super(name);
- }
-
- protected void setUp() throws Exception {
- super.setUp();
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
- System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore");
- System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
- }
-
- public void testA601() throws Exception {
- try {
-
- // Anmelden
- String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
- HttpsURLConnection conn = giveConnection(URL, "GET");
- conn.connect();
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- String MOASessionID = parseSessionIDFromForm(result);
- conn.disconnect();
-
- URL = parseDataURL(result);
- // Verify Identity Link
- conn = giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
- String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
- out.flush();
- out.close();
- conn.connect();
- String redirectLoc = conn.getHeaderField("Location");
- conn.disconnect();
- //Verify Auth Block
- conn = giveConnection(redirectLoc, "POST");
- String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
- out = conn.getOutputStream();
- out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
- out.flush();
- out.close();
- conn.connect();
- redirectLoc = conn.getHeaderField("Location");
- samlArtifact = parseSamlArtifact(redirectLoc);
- System.out.println("SamlArtifact: " + samlArtifact);
- conn.disconnect();
-
- assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact="));
-
- conn = null;
-
- SAMLRequestBuilder srb = new SAMLRequestBuilder();
-
- Element erg = doCall(srb.build(moaSessionID,URLDecoder.decode(samlArtifact, "UTF-8")));
- result = DOMUtils.serializeNode(erg);
- result = killInclusive(result,"IssueInstant=\"","\"","");
- result = killInclusive(result,"AssertionID=\"","\"","");
- result = killInclusive(result,"ResponseID=\"","\"","");
-
-// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8"));
-
- assertEquals(result,readXmldata("GetAuthenticationDataWebServiceResponse.xml"));
-
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA651() throws Exception {
- try {
-
- // Anmelden
- String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
- HttpsURLConnection conn = giveConnection(URL, "GET");
- conn.connect();
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- String MOASessionID = parseSessionIDFromForm(result);
- conn.disconnect();
-
- URL = parseDataURL(result);
- // Verify Identity Link
- conn = giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
- String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
- out.flush();
- out.close();
- conn.connect();
- String redirectLoc = conn.getHeaderField("Location");
- conn.disconnect();
- //Verify Auth Block
- conn = giveConnection(redirectLoc, "POST");
- String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
- out = conn.getOutputStream();
- out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
- out.flush();
- out.close();
- conn.connect();
- redirectLoc = conn.getHeaderField("Location");
- samlArtifact = "AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi";
- System.out.println("SamlArtifact: " + samlArtifact);
- conn.disconnect();
-
- assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact="));
-
- conn = null;
-
- SAMLRequestBuilder srb = new SAMLRequestBuilder();
- Element samlPRequest = srb.build(moaSessionID,samlArtifact);
-
- assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("unbekanntes SAML-Artifakt")!=-1);
-
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehler beim Abholen der Anmeldedaten, unbekanntes SAML-Artifakt\n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA652() throws Exception {
- try {
-
- // Anmelden
- String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
- HttpsURLConnection conn = giveConnection(URL, "GET");
- conn.connect();
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- String MOASessionID = parseSessionIDFromForm(result);
- conn.disconnect();
-
- URL = parseDataURL(result);
- // Verify Identity Link
- conn = giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
- String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
- out.flush();
- out.close();
- conn.connect();
- String redirectLoc = conn.getHeaderField("Location");
- conn.disconnect();
- //Verify Auth Block
- conn = giveConnection(redirectLoc, "POST");
- String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
- out = conn.getOutputStream();
- out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
- out.flush();
- out.close();
- conn.connect();
- redirectLoc = conn.getHeaderField("Location");
- samlArtifact = parseSamlArtifact(redirectLoc);
- System.out.println("SamlArtifact: " + samlArtifact);
- conn.disconnect();
-
- assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact="));
-
- conn = null;
- String request =
- "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" +
- moaSessionID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"" +
- DateTimeUtils.buildDateTime(Calendar.getInstance())+"\">" +
- "</samlp:Request>";
-
- Element samlPRequest = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
-
- assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("Fehlerhaftes Requestformat")!=-1);
-// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8"));
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehlerhaftes Requestformat\n-----------------------"); }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- protected Element doCall(Element request)
- throws Exception {
- QName serviceName = new QName("GetAuthenticationData");
- String endPoint = "http://localhost:8080/moa-id-auth/services/GetAuthenticationData";
- Service service = ServiceFactory.newInstance().createService(serviceName);
- Call call = service.createCall();
- SOAPBodyElement body =
- new SOAPBodyElement(request);
- SOAPBodyElement[] params = new SOAPBodyElement[] {body};
- Vector responses;
- SOAPBodyElement response;
-
- call.setTargetEndpointAddress(endPoint);
- responses = (Vector) call.invoke(params);
- response = (SOAPBodyElement) responses.get(0);
-
- return response.getAsDOM();
- }
-
- private String parseDataURL(String input)
- {
- return getSubString(input.substring(input.indexOf("DataURL"),input.length()),"value=\"","\"");
- }
- private String parseSamlArtifact(String input)
- {
- return getSubString(input+"@@@","SAMLArtifact=","@@@");
- }
- private String getSubString(String input, String startsWith, String endsWith)
- {
- return input.substring(input.indexOf(startsWith)+startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith)+startsWith.length()));
- }
- private String getURL(String authURL, String target, String oaURL)
- {
- return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL;
- }
- private String parseSessionIDFromForm(String htmlForm) {
- String parName = "MOASessionID=";
- assertTrue(
- "HTML Form enthält keine SessionID",
- htmlForm.indexOf(parName) >= 0);
- int i1 = htmlForm.indexOf(parName) + parName.length();
- int i2 = htmlForm.indexOf("\"", i1);
- assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1);
- return htmlForm.substring(i1, i2);
- }
- private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception {
- HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection();
- conn.setRequestMethod(requestMethod);
- conn.setDoInput(true);
- conn.setDoOutput(true);
- conn.setUseCaches(false);
- conn.setAllowUserInteraction(false);
- conn.setHostnameVerifier(new HostnameVerifierHack());
- return conn;
- }
- private class HostnameVerifierHack implements HostnameVerifier {
- public boolean verify(String arg0, String arg1) {
- return true;
- }
- }
-}
diff --git a/id.server/src/test/abnahme/A/Test700SelectBKU.java b/id.server/src/test/abnahme/A/Test700SelectBKU.java
deleted file mode 100644
index 9cfa47033..000000000
--- a/id.server/src/test/abnahme/A/Test700SelectBKU.java
+++ /dev/null
@@ -1,63 +0,0 @@
-package test.abnahme.A;
-
-import test.abnahme.AbnahmeTestCase;
-
-/*
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class Test700SelectBKU extends AbnahmeTestCase {
-
- public Test700SelectBKU(String name) {
- super(name);
- }
-
- public void testA701() throws Exception {
- try {
- String form = server.selectBKU(
- "https://localhost:8443/auth",
- "gb",
- "https://localhost:9443/",
- "file:" + getTestCaseDirectory() + "BKUSelectionTemplate.html",
- "file:" + getTestCaseDirectory() + "Template.html");
- //writeXmldata("SelectBKUForm_out.html", form.getBytes());
- assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form);
- }
- catch (Exception ex) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage());
- throw ex;
- }
- }
- public void testA702() throws Exception {
- try {
- String form = server.selectBKU(
- "https://localhost:8443/auth",
- "gb",
- "https://localhost:9443/",
- null,
- null);
- //writeXmldata("SelectBKUForm_out.html", form.getBytes());
- assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form);
- }
- catch (Exception ex) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage());
- throw ex;
- }
- }
- public void testA703() throws Exception {
- try {
- String form = server.selectBKU(
- "https://localhost:8443/auth",
- "gb",
- "https://localhost:9443/",
- null,
- null);
- //writeXmldata("SelectBKUForm_out.html", form.getBytes());
- assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form);
- }
- catch (Exception ex) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage());
- throw ex;
- }
- }
-}
diff --git a/id.server/src/test/abnahme/AbnahmeTestCase.java b/id.server/src/test/abnahme/AbnahmeTestCase.java
deleted file mode 100644
index e0e6fc183..000000000
--- a/id.server/src/test/abnahme/AbnahmeTestCase.java
+++ /dev/null
@@ -1,163 +0,0 @@
-package test.abnahme;
-
-import java.io.File;
-import java.io.IOException;
-import java.io.RandomAccessFile;
-
-import test.MOAIDTestCase;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-
-/**
- * Base class for MOA ID test cases.
- *
- * Provides some utility functions.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class AbnahmeTestCase extends MOAIDTestCase {
-
- protected static final String TESTDATA_ROOT = "data/abnahme-test/";
- protected static final String TESTDATA_XMLDATA = "data/abnahme-test/xmldata/";
- protected static final String AUTH_ENDPOINT = "http://localhost:8080/moa-id-auth/";
- protected AuthenticationServer server;
-
- /**
- * Constructor for MOATestCase.
- * @param arg0
- */
- public AbnahmeTestCase(String name) {
- super(name);
- }
- /**
- * Set up a transaction context with a test configuration.
- */
- protected void setUp() throws Exception {
-
- System.out.print("--------S-T-A-R-T----V-O-N----");
- System.out.print(getName().toUpperCase().substring(4,getName().length()));
- System.out.print("-----------------------------\n");
-
- // Set moa.spss.server.configuration property
- System.setProperty("moa.spss.server.configuration",TESTDATA_ROOT + "conf/moa/ConfigurationTest.xml");
-
- // Set moa.id.configuration property
- String pathname = findXmldata("Configuration.xml");
- System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, pathname);
- System.out.println("Konfiguration " + pathname);
- AuthConfigurationProvider.reload();
-
- server = AuthenticationServer.getInstance();
- }
- /** Test case z.B. "A153" */
- protected String getID() {
- return getName().toUpperCase().substring(4,getName().length());
- }
- /** Test group z.B. "A100" */
- protected String getTestGroup() {
- return getID().substring(0, 2) + "00";
- }
- /** Test case data directory */
- protected String getTestCaseDirectory() {
- return getTestGroupDirectory() + getID() + "/";
- }
- /** Test group data directory */
- protected String getTestGroupDirectory() {
- return TESTDATA_XMLDATA + getTestGroup() + "/";
- }
- /** Finds a file in the xmldata directory */
- protected String findXmldata(String filename) {
- String pathname = getTestCaseDirectory() + filename;
- if (! new File(pathname).exists()) {
- pathname = getTestGroupDirectory() + filename;
- if (! new File(pathname).exists()) {
- pathname = TESTDATA_XMLDATA + filename;
- }
- }
- return pathname;
- }
- /** Finds and reads a file in the xmldata directory */
- protected String readXmldata(String filename) throws IOException {
- String pathname = findXmldata(filename);
- System.out.println("Read file " + pathname);
- return readFile(pathname);
- }
- protected void writeXmldata(String filename, byte[] content) throws Exception {
- String pathname = getTestCaseDirectory() + filename;
- System.out.println("Write file " + pathname);
- RandomAccessFile raf = new RandomAccessFile(pathname, "rw");
- byte[] data = content;
- raf.write(data);
- raf.setLength(data.length);
- raf.close();
- }
-
- /**
- * Creates a session using standard parameters,
- * and returns the session ID.
- */
- protected String startAuthentication() throws MOAIDException {
- return startAuthentication("https://localhost:9443/");
- }
- /**
- * Creates a session using standard parameters,
- * and returns the session ID.
- */
- protected String startAuthentication(String oaURL) throws MOAIDException {
- String htmlForm = AuthenticationServer.getInstance().startAuthentication(
- "https://localhost:8443/auth",
- "gb",
- oaURL,
- null,
- null,
- null);
- String sessionID = parseSessionIDFromForm(htmlForm);
- return sessionID;
- }
- private String parseSessionIDFromForm(String htmlForm) {
- String parName = "MOASessionID=";
- assertTrue(
- "HTML Form enthält keine SessionID",
- htmlForm.indexOf(parName) >= 0);
- int i1 = htmlForm.indexOf(parName) + parName.length();
- int i2 = i1;
- while(i2 < htmlForm.length() &&
- (htmlForm.charAt(i2) == '-' || (htmlForm.charAt(i2) >= '0' && htmlForm.charAt(i2) <= '9')))
- i2++;
- assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1);
- return htmlForm.substring(i1, i2);
- }
- protected String clearSessionID(String htmlForm) {
- String sessionID = parseSessionIDFromForm(htmlForm);
- int i1 = htmlForm.indexOf(sessionID);
- int i2 = i1 + sessionID.length();
- return htmlForm.substring(0, i1) + htmlForm.substring(i2);
- }
- protected void assertEqualsIgnoreSessionID(String s1, String s2) {
- String ss1 = clearSessionID(s1);
- String ss2 = clearSessionID(s2);
- assertEquals(ss1, ss2);
- }
- protected void authDataWriter(AuthenticationData authData, String filename) throws Exception
- {
- writeXmldata("AuthenticationDataNEW.xml", clearSamlAssertion(authData.getSamlAssertion()).getBytes("UTF-8"));
- }
-
- /**
- * clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur
- * AUSSLIESSLICH die Attribute 'IssueInstant' und 'AssertionID' heraus.
- * @param samlAssertion
- * @return String
- */
- protected String clearSamlAssertion(String samlAssertion)
- {
- String result = killInclusive(samlAssertion,"IssueInstant='", "'","");
- result = killInclusive(result,"AssertionID='", "'","");
- return result;
- }
-}
\ No newline at end of file
diff --git a/id.server/src/test/abnahme/AllTests.java b/id.server/src/test/abnahme/AllTests.java
deleted file mode 100644
index 56a38be28..000000000
--- a/id.server/src/test/abnahme/AllTests.java
+++ /dev/null
@@ -1,49 +0,0 @@
-package test.abnahme;
-
-import junit.awtui.TestRunner;
-import junit.framework.*;
-
-import test.abnahme.A.Test100StartAuthentication;
-import test.abnahme.A.Test200VerifyIdentityLink;
-import test.abnahme.A.Test300VerifyAuthBlock;
-import test.abnahme.A.Test400GetAuthenticationData;
-import test.abnahme.A.Test500StartAuthenticationServlet;
-import test.abnahme.A.Test600GetAuthenticationDataService;
-import test.abnahme.A.Test700SelectBKU;
-import test.abnahme.C.Test100Konfiguration;
-import test.abnahme.P.Test100LoginParameterResolver;
-
-
-
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AllTests {
-
- public static Test suite() {
- TestSuite suite = new TestSuite();
-
- suite.addTestSuite(Test100StartAuthentication.class);
- suite.addTestSuite(Test200VerifyIdentityLink.class);
- suite.addTestSuite(Test300VerifyAuthBlock.class);
- suite.addTestSuite(Test400GetAuthenticationData.class);
- suite.addTestSuite(Test500StartAuthenticationServlet.class);
- suite.addTestSuite(Test600GetAuthenticationDataService.class);
- suite.addTestSuite(Test700SelectBKU.class);
-
- suite.addTestSuite(Test100LoginParameterResolver.class);
-
- suite.addTestSuite(Test100Konfiguration.class);
- return suite;
- }
-
- public static void main(String[] args) {
- try {
- TestRunner.run(AllTests.class);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
diff --git a/id.server/src/test/abnahme/C/Test100Konfiguration.java b/id.server/src/test/abnahme/C/Test100Konfiguration.java
deleted file mode 100644
index 7da5a7449..000000000
--- a/id.server/src/test/abnahme/C/Test100Konfiguration.java
+++ /dev/null
@@ -1,60 +0,0 @@
-package test.abnahme.C;
-
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-
-import test.abnahme.AbnahmeTestCase;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-
-public class Test100Konfiguration extends AbnahmeTestCase {
-
- public Test100Konfiguration(String name) {
- super(name);
- }
-
- public void testC001() throws Exception {
- try {
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testC002() throws Exception {
- try {
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testC003() throws Exception {
- try {
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testC051() throws Exception {
- try {
- // Set moa.id.configuration property
- String pathname = findXmldata("ConfigurationC051.xml");
- System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, pathname);
- System.out.println("Konfiguration " + pathname);
- AuthConfigurationProvider.reload();
- }
- catch (Exception e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- // AuthConfigurationProvider.getInstance().getBKUConnectionParameter().getAcceptedServerCertificates()
- }
-}
diff --git a/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java
deleted file mode 100644
index 8b7b2002f..000000000
--- a/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java
+++ /dev/null
@@ -1,146 +0,0 @@
-package test.abnahme.P;
-import java.util.Map;
-
-import sun.misc.BASE64Decoder;
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.proxy.LoginParameterResolver;
-import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-
-public class Test100LoginParameterResolver extends AbnahmeTestCase {
-
- private static final String CLIENT_IP_ADDRESS = "56.246.75.11";
- private OAConfiguration oaConf;
- private LoginParameterResolver lpr;
-
- public Test100LoginParameterResolver(String name) {
- super(name);
- }
-
- private void setUp(String publicURLPrefix)
- throws Exception {
-
- // get configuration data
- ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance();
- OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix);
- oaConf = oaParam.getOaConfiguration();
- System.out.println("Parameterübergabe: " + oaConf.getAuthType());
-
- // get login parameter resolver
- LoginParameterResolverFactory.initialize();
- lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix);
- }
- public void testP101() throws Exception {
- try {
- // read configuration and set up LoginParameterResolver
- setUp("https://testP101:9443/");
- if (! oaConf.getAuthType().equals(OAConfiguration.BASIC_AUTH))
- fail();
-
- // assemble authentication data
- AuthenticationData authData = new AuthenticationData();
- authData.setFamilyName("Huber");
- authData.setGivenName("Hugo");
-
- // resolve login headers
- Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS);
-
- // validate login headers
- assertEquals(1, loginHeaders.keySet().size());
- System.out.println("Header Authorization: " + loginHeaders.get("Authorization"));
- System.out.println("Decoded UserID:Password " +
- new String(new BASE64Decoder().decodeBuffer(((String)loginHeaders.get("Authorization")).substring(6))));
- String userIDPassword = "Hugo:Huber";
- String credentials = Base64Utils.encode(userIDPassword.getBytes());
- assertEquals("Basic " + credentials, loginHeaders.get("Authorization"));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
-
- }
- public void testP102() throws Exception {
- try {
- // read configuration and set up LoginParameterResolver
- setUp("https://testP102:9443/");
- if (! oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH))
- fail();
-
- // assemble authentication data
- AuthenticationData authData = new AuthenticationData();
- String DATE_OF_BIRTH = "1963-12-29";
- String VPK = "kp6hOq6LRAkLtrqm6EvDm6bMwJw=";
- authData.setDateOfBirth(DATE_OF_BIRTH);
- authData.setVPK(VPK);
-
- // resolve login parameters
- Map loginParameters = lpr.getAuthenticationParameters(oaConf, authData, CLIENT_IP_ADDRESS);
-
- // validate login headers
- assertEquals(2, loginParameters.keySet().size());
- System.out.println("Param1: " + loginParameters.get("Param1"));
- System.out.println("Param2: " + loginParameters.get("Param2"));
- assertEquals(DATE_OF_BIRTH, loginParameters.get("Param1"));
- assertEquals(VPK, loginParameters.get("Param2"));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testP103() throws Exception {
- try {
- // read configuration and set up LoginParameterResolver
- setUp("https://localhost:9443/");
- if (! oaConf.getAuthType().equals(OAConfiguration.HEADER_AUTH))
- fail();
-
- // assemble authentication data
- AuthenticationData authData = new AuthenticationData();
- boolean PUBLIC_AUTH = true;
- String BKZ = "FinanzamtWien23Leitstelle";
- boolean QUAL_CERT = false;
- String ZMR_ZAHL = "3456789012";
- authData.setPublicAuthority(PUBLIC_AUTH);
- authData.setPublicAuthorityCode(BKZ);
- authData.setQualifiedCertificate(QUAL_CERT);
- authData.setIdentificationValue(ZMR_ZAHL);
-
- // resolve login headers
- Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS);
-
- // validate login headers
- assertEquals(5, loginHeaders.keySet().size());
- System.out.println("Header Param1: " + loginHeaders.get("Param1"));
- System.out.println("Header Param2: " + loginHeaders.get("Param2"));
- System.out.println("Header Param3: " + loginHeaders.get("Param3"));
- System.out.println("Header Param4: " + loginHeaders.get("Param4"));
- System.out.println("Header Param5: " + loginHeaders.get("Param5"));
- assertEquals(String.valueOf(PUBLIC_AUTH), loginHeaders.get("Param1"));
- assertEquals(BKZ, loginHeaders.get("Param2"));
- assertEquals(String.valueOf(QUAL_CERT), loginHeaders.get("Param3"));
- assertEquals(ZMR_ZAHL, loginHeaders.get("Param4"));
- assertEquals(CLIENT_IP_ADDRESS, loginHeaders.get("Param5"));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java
deleted file mode 100644
index 69ed3d12b..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package test.at.gv.egovernment.moa.id;
-
-import test.at.gv.egovernment.moa.id.auth.AuthenticationServerTest;
-import test.at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataServiceTest;
-import test.at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationTest;
-import test.at.gv.egovernment.moa.id.config.auth.MOAIDAuthConfigurationProviderTest;
-import test.at.gv.egovernment.moa.id.config.proxy.MOAIDProxyConfigurationProviderTest;
-
-import junit.awtui.TestRunner;
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AllTests {
-
- public static Test suite() {
- TestSuite suite = new TestSuite();
-
- suite.addTestSuite(AuthenticationServerTest.class);
- suite.addTest(test.at.gv.egovernment.moa.id.auth.builder.AllTests.suite());
- suite.addTest(test.at.gv.egovernment.moa.id.auth.parser.AllTests.suite());
- suite.addTestSuite(GetAuthenticationDataServiceTest.class);
- suite.addTestSuite(SignatureVerificationTest.class);
- suite.addTestSuite(MOAIDAuthConfigurationProviderTest.class);
- suite.addTestSuite(MOAIDProxyConfigurationProviderTest.class);
- suite.addTest(test.at.gv.egovernment.moa.id.proxy.AllTests.suite());
-
- return suite;
- }
-
- public static void main(String[] args) {
- try {
- TestRunner.run(AllTests.class);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java b/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java
deleted file mode 100644
index 8309a4f7e..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package test.at.gv.egovernment.moa.id;
-
-import test.MOAIDTestCase;
-
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-
-/**
- * Base class for MOA ID test cases.
- *
- * Provides some utility functions.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class UnitTestCase extends MOAIDTestCase {
-
- protected static final String TESTDATA_ROOT = "data/test/";
-
- /**
- * Constructor for MOATestCase.
- * @param arg0
- */
- public UnitTestCase(String name) {
- super(name);
- }
- /**
- * Set up a transaction context with a test configuration.
- */
- protected void setUp() throws Exception {
- System.setProperty(
- ConfigurationProvider.CONFIG_PROPERTY_NAME,
- TESTDATA_ROOT + "conf/ConfigurationTest.xml");
- }
-
-}
\ No newline at end of file
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java
deleted file mode 100644
index 753b2ef12..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java
+++ /dev/null
@@ -1,50 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationServerTest extends UnitTestCase {
-
- public AuthenticationServerTest(String name) {
- super(name);
- }
-
- public void testStandard() throws Exception {
- doTest(
- "standard",
- "https://localhost:8443/auth",
- "gb",
- "https://localhost:9443/",
- null,
- null);
- }
- public void doTest(String testdataDirectory, String authURL, String target, String oaURL, String bkuURL, String templateURL) throws Exception {
- String testdataRoot = TESTDATA_ROOT + "xmldata/" + testdataDirectory + "/";
- AuthenticationServer server = AuthenticationServer.getInstance();
- String htmlForm = server.startAuthentication(authURL, target, oaURL, templateURL, bkuURL, null);
- String sessionID = parseSessionIDFromForm(htmlForm);
- String infoboxReadResponse = readFile(TESTDATA_ROOT + "xmldata/testperson1/" + "InfoboxReadResponse.xml");
- String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse);
- String createXMLSignatureRequestShould = readFile(testdataRoot + "CreateXMLSignatureRequest.xml");
- assertXmlEquals(createXMLSignatureRequestShould, createXMLSignatureRequest);
- String createXMLSignatureResponse = readFile(testdataRoot + "CreateXMLSignatureResponse.xml");
- String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- AuthenticationData authData = server.getAuthenticationData(samlArtifact);
- String authDataShould = readFile(testdataRoot + "AuthenticationDataAssertion.xml");
- assertXmlEquals(authDataShould, authData.getSamlAssertion());
- }
- private String parseSessionIDFromForm(String htmlForm) {
- String parName = "MOASessionID=";
- assertTrue("HTML Form enthält keine SessionID", htmlForm.indexOf(parName) >= 0);
- int i1 = htmlForm.indexOf(parName) + parName.length();
- int i2 = htmlForm.indexOf("\"", i1);
- assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1);
- return htmlForm.substring(i1, i2);
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java
deleted file mode 100644
index 4bc7d52d6..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth;
-
-import java.security.KeyStore;
-import java.util.Enumeration;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.util.KeyStoreUtils;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDAuthInitialiserTest extends UnitTestCase {
-
- public MOAIDAuthInitialiserTest(String name) {
- super(name);
- }
-
- public void testInit() throws Exception
- {
-// System.setProperty(
-// ConfigurationProvider.CONFIG_PROPERTY_NAME,"C://Programme/ApacheGroup/abnahme/conf/moa-id/SampleMOAIDConfiguration.xml");
-// System.setProperty(
-// ConfigurationProvider.CONFIG_PROPERTY_NAME,"D://Daten/_Projects/moa_id_maengel/SampleMOAIDConfiguration.xml");
- SSLUtils.initialize();
-
- try {
- KeyStore s = KeyStoreUtils.loadKeyStore("pkcs12","file:C:/Programme/ApacheGroup/abnahme/cert/keystore.p12","changeit");
- System.out.println(s.getProvider().getClass().getName());
- Enumeration enum = s.aliases();
- while (enum.hasMoreElements()) {
- String element = (String) enum.nextElement();
- System.out.print(element+":");
- System.out.println(s.getCertificate(element).getPublicKey().getAlgorithm());
- System.out.println(s.getCertificate(element).getType());
- }
-
-
- System.out.println(s.getCertificate("pc41408").getPublicKey().getFormat());
-
- }
- catch (Exception e) {e.printStackTrace();};
-
- }
-
- }
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java
deleted file mode 100644
index 77dff29aa..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java
+++ /dev/null
@@ -1,33 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.builder;
-
-import junit.awtui.TestRunner;
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-/**
- * @author patrick
- * @version $Id$
- */
-public class AllTests {
-
- public static Test suite() {
- TestSuite suite = new TestSuite();
-
- suite.addTestSuite(AuthenticationBlockAssertionBuilderTest.class);
- suite.addTestSuite(CreateXMLSignatureBuilderTest.class);
- suite.addTestSuite(GetIdentityLinkFormBuilderTest.class);
- suite.addTestSuite(InfoboxReadRequestBuilderTest.class);
- suite.addTestSuite(PersonDataBuilderTest.class);
- suite.addTestSuite(SAMLArtifactBuilderTest.class);
-
- return suite;
- }
-
- public static void main(String[] args) {
- try {
- TestRunner.run(AllTests.class);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java
deleted file mode 100644
index 2717ee8c0..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.builder;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationBlockAssertionBuilderTest extends UnitTestCase {
- private static final String nl = "\n";
- private static final String ISSUER = "Hugo Mustermann";
- private static final String ISSUE_INSTANT = "2003-03-15T22:50:21+01:00";
- private static final String AUTH_URL = "https://auth.moa.gv.at/";
- private static final String TARGET = "Grundbuch";
- private static final String OA_URL = "https://grundbuch.gv.at/";
-
- // wird auch von CreateXMLSignatureBuilderTest verwendet !
- public static final String ASSERTION_SHOULD =
-"<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' AssertionID='any' Issuer='" + ISSUER + "' IssueInstant='" + ISSUE_INSTANT + "'>" + nl +
-" <saml:AttributeStatement>" + nl +
-" <saml:Subject>" + nl +
-" <saml:NameIdentifier>" + AUTH_URL + "</saml:NameIdentifier>" + nl +
-" </saml:Subject>" + nl +
-" <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>" + nl +
-" <saml:AttributeValue>" + TARGET + "</saml:AttributeValue>" + nl +
-" </saml:Attribute>" + nl +
-" <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>" + nl +
-" <saml:AttributeValue>" + OA_URL + "</saml:AttributeValue>" + nl +
-" </saml:Attribute>" + nl +
-" </saml:AttributeStatement>" + nl +
-"</saml:Assertion>";
-
- public AuthenticationBlockAssertionBuilderTest(String name) {
- super(name);
- }
-
- public void testBuild() throws Exception {
- AuthenticationBlockAssertionBuilder builder = new AuthenticationBlockAssertionBuilder();
- String assertionBuilt = builder.build(ISSUER, ISSUE_INSTANT, AUTH_URL, TARGET, OA_URL);
- assertionBuilt = XML_DECL + assertionBuilt;
- String assertionShould = XML_DECL + ASSERTION_SHOULD;
- assertXmlEquals(assertionShould, assertionBuilt);
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java
deleted file mode 100644
index 13f86efee..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java
+++ /dev/null
@@ -1,58 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class CreateXMLSignatureBuilderTest extends UnitTestCase {
- private static final String nl = "\n";
- public static final String TRANSFORMS_INFO =
- " <sl10:TransformsInfo>" + nl +
- " <dsig:Transforms>" + nl +
- " <dsig:Transform Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature'/>" + nl +
- " <dsig:Transform Algorithm='http://www.w3.org/TR/1999/REC-xslt-19991116'>" + nl +
-"<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform' xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' >" + nl +
-"<xsl:template match='/'>" + nl +
-"<html>" + nl +
-"<body>" + nl +
-"</body>" + nl +
-"</html>" + nl +
-"</xsl:template>" + nl +
-"</xsl:stylesheet>" + nl +
- " </dsig:Transform>" + nl +
- " </dsig:Transforms>" + nl +
- " <sl10:FinalDataMetaInfo>" + nl +
- " <sl10:MimeType>text/html</sl10:MimeType>" + nl +
- " </sl10:FinalDataMetaInfo>" + nl +
- " </sl10:TransformsInfo>" + nl;
- public static final String REQUEST_SHOULD =
-"<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + nl +
-"<sl11:CreateXMLSignatureRequest xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:sl10=\"http://www.buergerkarte.at/namespaces/securitylayer/20020225#\" xmlns:sl11=\"http://www.buergerkarte.at/namespaces/securitylayer/20020831#\">" + nl +
-" <sl11:KeyboxIdentifier>SecureSignatureKeypair</sl11:KeyboxIdentifier>" + nl +
-" <sl11:DataObjectInfo Structure=\"detached\">" + nl +
-" <sl10:DataObject Reference=\"\"/>" + nl +
-TRANSFORMS_INFO +
-" </sl11:DataObjectInfo>" + nl +
-" <sl11:SignatureInfo>" + nl +
-" <sl11:SignatureEnvironment>" + nl +
-" <sl10:XMLContent>" + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD + "</sl10:XMLContent>" + nl +
-" </sl11:SignatureEnvironment>" + nl +
-" <sl11:SignatureLocation Index=\"2\">/saml:Assertion</sl11:SignatureLocation>" + nl +
-" </sl11:SignatureInfo>" + nl +
-"</sl11:CreateXMLSignatureRequest>";
-
- public CreateXMLSignatureBuilderTest(String name) {
- super(name);
- }
-
- public void testBuild() throws Exception {
- String request = new CreateXMLSignatureRequestBuilder().build(
- AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD,
- new String[] {TRANSFORMS_INFO});
- assertXmlEquals(REQUEST_SHOULD, request);
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
deleted file mode 100644
index 9142a8e42..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
+++ /dev/null
@@ -1,73 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import junit.framework.TestCase;
-
-import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
-import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class GetIdentityLinkFormBuilderTest extends TestCase {
- private static String nl = "\n";
- public static String FORM =
- "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
- "<html>" + nl +
- "<head>" + nl +
- "<title>Auslesen der Personenbindung</title>" + nl +
- "</head>" + nl +
- "<body>" + nl +
- "<form name=\"GetIdentityLinkForm\"" + nl +
- " action=\"{0}\"" + nl +
- " method=\"post\">" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"XMLRequest\"" + nl +
- " value=\"{1}\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"DataURL\"" + nl +
- " value=\"{2}\"/>" + nl +
- " <input type=\"submit\" value=\"Auslesen der Personenbindung\"/>" + nl +
- "</form>" + nl +
- "<form name=\"CertificateInfoForm\"" + nl +
- " action=\"{0}\"" + nl +
- " method=\"post\">" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"XMLRequest\"" + nl +
- " value=\"{3}\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"DataURL\"" + nl +
- " value=\"{4}\"/>" + nl +
- " <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl +
- "</form>" + nl +
- "</body>" + nl +
- "</html>";
- public static String BKU =
- "http://localhost:3495/http-security-layer-request";
-
- public void testBuild() throws Exception {
- String xmlRequest = new InfoboxReadRequestBuilder().build();
- String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567";
- String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
- String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/";
- String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL);
- String formShould = MessageFormat.format(
- FORM, new Object[] { BKU, xmlRequest, dataURL, infoRequest, infoDataURL });
- assertEquals(formShould, form);
- }
- public void testBuildCustomBKU() throws Exception {
- String xmlRequest = new InfoboxReadRequestBuilder().build();
- String dataURL = "https://1.2.3.4/auth/AuthServlet/StartAuthentication?MOASessionID=1234567";
- String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
- String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/";
- String bkuURL = "http://bku.at/";
- String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL);
- String formShould = MessageFormat.format(
- FORM, new Object[] { bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL });
- assertEquals(formShould, form);
- }
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java
deleted file mode 100644
index b65fc9ecf..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java
+++ /dev/null
@@ -1,29 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.builder;
-
-import org.w3c.dom.Document;
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class InfoboxReadRequestBuilderTest extends UnitTestCase implements Constants {
-
- public InfoboxReadRequestBuilderTest(String name) {
- super(name);
- }
-
- public void testBuild() throws Exception {
- InfoboxReadRequestBuilder builder = new InfoboxReadRequestBuilder();
- String xmlBuilt = builder.build();
- Document docBuilt = DOMUtils.parseDocument(xmlBuilt, false, ALL_SCHEMA_LOCATIONS, null);
- String xmlBuiltSerialized = DOMUtils.serializeNode(docBuilt);
- // xmlShould was generated by Hot:Sign Tester
- String xmlShould = "<?xml version='1.0' encoding='utf-8'?><sl10:InfoboxReadRequest xmlns:sl10='http://www.buergerkarte.at/namespaces/securitylayer/20020225#'><sl10:InfoboxIdentifier>IdentityLink</sl10:InfoboxIdentifier><sl10:BinaryFileParameters ContentIsXMLEntity='true'/></sl10:InfoboxReadRequest>";
- assertXmlEquals(xmlShould, xmlBuiltSerialized);
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java
deleted file mode 100644
index 504679fd5..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.util.Constants;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class PersonDataBuilderTest extends UnitTestCase implements Constants {
-
- /**
- * Constructor for PersonDataBuilderTest.
- */
- public PersonDataBuilderTest(String arg) {
- super(arg);
- }
- public void testBuild() throws Exception {
- String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml");
- IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink();
- String xmlPersonData = new PersonDataBuilder().build(il, true);
- String xmlPersonDataShould = "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Identification><pr:Value>123456789012</pr:Value><pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type></pr:Identification><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>";
- assertPersonDataEquals(xmlPersonDataShould, xmlPersonData);
- }
- public void testBuildNoZMRZahl() throws Exception {
- String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml");
- IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink();
- String xmlPersonData = new PersonDataBuilder().build(il, false);
- String xmlPersonDataShould = XML_DECL + "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>";
- assertPersonDataEquals(xmlPersonDataShould, xmlPersonData);
- }
- private void assertPersonDataEquals(String s1, String s2) throws Exception {
- String ss1 = insertPrNS(s1);
- String ss2 = insertPrNS(s2);
- assertXmlEquals(ss1, ss2);
- }
- private String insertPrNS(String xmlPersonData) {
- int startNS = xmlPersonData.indexOf("Person") + "Person".length() + 1;
- String s =
- xmlPersonData.substring(0, startNS) +
- "xmlns:pr=\"" + PD_NS_URI + "\" " +
- "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " +
- xmlPersonData.substring(startNS);
- return s;
- }
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java
deleted file mode 100644
index 3ec73ee4c..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java
+++ /dev/null
@@ -1,52 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLArtifactBuilderTest extends UnitTestCase {
-
- private static final String AUTH_URL = "https://moa.gv.at/auth/";
- private static final String SESSION_ID_1 = "123456";
- private static final String SESSION_ID_2 = "123457";
- private static final String SESSION_ID_3 = "1234567";
-
- private SAMLArtifactBuilder builder;
- private byte[] artifact1;
- private byte[] artifact2;
- private byte[] artifact3;
-
- public SAMLArtifactBuilderTest(String name) {
- super(name);
- }
- protected void setUp() throws Exception {
- builder = new SAMLArtifactBuilder();
- artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false);
- artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2), false);
- artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3), false);
- }
-
- public void testBuildArtifactLength() throws BuildException {
- assertEquals(42, artifact1.length);
- assertEquals(42, artifact2.length);
- assertEquals(42, artifact3.length);
- }
- public void testBuildSameArtifact() throws Exception {
- byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false);
- assertEquals(new String(artifact1), new String(artifact1Clone));
- }
- public void testBuildDifferentArtifacts() throws BuildException {
- String msg = "SAML Artifacts should be different";
- assertFalse(msg, new String(artifact1).equals(new String(artifact2)));
- assertFalse(msg, new String(artifact1).equals(new String(artifact3)));
- assertFalse(msg, new String(artifact3).equals(new String(artifact2)));
- }
-
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java
deleted file mode 100644
index 5b3bb5906..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java
+++ /dev/null
@@ -1,93 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.FileInputStream;
-import java.io.RandomAccessFile;
-
-import org.w3c.dom.Element;
-import test.at.gv.egovernment.moa.id.auth.invoke.MOASPSSTestCase;
-
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-
-
-
-/**
- * Test case for the signature verification web service.
- *
- * This test requires a running SignatureVerification web service.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class VerifyXMLSignatureRequestBuilderTest extends MOASPSSTestCase {
-
-
- private SignatureVerificationInvoker caller;
-
- public VerifyXMLSignatureRequestBuilderTest(String name) {
- super(name);
- }
-
- public void setUp() {
- System.setProperty(
- ConfigurationProvider.CONFIG_PROPERTY_NAME,
- "data/test/conf/ConfigurationTest.xml");
- caller = new SignatureVerificationInvoker();
- }
-
- public void testVerifyXMLSignatureRequestBuilderIdentityLink() throws Exception {
-
- RandomAccessFile infoBox = new RandomAccessFile(
- "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r");
- byte[] b = new byte[(int) infoBox.length()];
- infoBox.read(b);
- infoBox.close();
- String xmlInfoboxReadResponse = new String(b, "UTF-8");
-
-
- RandomAccessFile vr = new RandomAccessFile(
- "data/test/xmldata/standard/VerifyXMLSignatureRequestIdentityLink.xml","r");
- b = new byte[(int) vr.length()];
- vr.read(b);
- vr.close();
- String xmlResponse = new String(b, "UTF-8");
-
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder();
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
-
- Element requestBuild = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID());
-
- assertXmlEquals(requestBuild, xmlResponse);
-
- }
-
- public void testVerifyXMLSignature2() throws Exception {
-
- RandomAccessFile s = new RandomAccessFile("data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- s.close();
- String xmlCreateXMLSignatureResponse = new String(b, "UTF-8");
-
- CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse);
- CreateXMLSignatureResponse csr = cXMLsrp.parseResponse();
-
- VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder();
-
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
-
- Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID());
-
- // check the result
- assertXmlEquals(request, new FileInputStream("data/test/xmldata/standard/VerifyXMLSignatureRequestCreateXML.xml"));
-
- }
- }
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java
deleted file mode 100644
index 7ae6f70ef..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java
+++ /dev/null
@@ -1,38 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.invoke;
-
-import java.security.Security;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-/**
- * Base class for end-to-end tests of MOA web-services.
- *
- * Initializes the test system and provides some properties.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class MOASPSSTestCase extends UnitTestCase {
-
- public MOASPSSTestCase(String name) {
- super(name);
- }
-
-
- protected void setupSSL() {
- System.setProperty("javax.net.debug", "all");
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- System.setProperty(
- "java.protocol.handler.pkgs",
- "com.sun.net.ssl.internal.www.protocol");
- System.setProperty(
- "javax.net.ssl.keyStore",
- "data/test/security/client.keystore");
- System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
- System.setProperty(
- "javax.net.ssl.trustStore",
- "data/test/security/client.keystore");
- System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
- }
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java
deleted file mode 100644
index e56dcde91..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java
+++ /dev/null
@@ -1,166 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.invoke;
-
-import java.io.RandomAccessFile;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-
-
-/**
- * Test case for the signature verification web service.
- *
- * This test requires a running SignatureVerification web service.
- *
- * @author Patrick Peck
- * @author Fatemeh Philippi
- * @version $Id$
- */
-public class SignatureVerificationTest extends MOASPSSTestCase {
-
-
- private SignatureVerificationInvoker caller;
-
- public SignatureVerificationTest(String name) {
- super(name);
- }
-
- public void setUp() {
-System.setProperty(
- ConfigurationProvider.CONFIG_PROPERTY_NAME,
- "data/test/conf/ConfigurationTest.xml");
- caller = new SignatureVerificationInvoker();
- }
-
-/* public void testVerifyCMSSignature() throws Exception {
- Element request =
- parseXml("data/test/xml/VCSQ000.xml").getDocumentElement();
- Element result;
-
- // call the service
- result = caller.verifyXMLSignature(request);
-
- // check the result
- assertEquals("VerifyCMSSignatureResponse", result.getTagName());
- }*/
-
- public void testVerifyXMLSignature1() throws Exception {
-
- //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum
- //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String xmlInfoboxReadResponse =new String(b,"UTF8");
-
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder();
-
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
-
- Element request = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID());
- s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithInfoboxReadResponse.xml","rw");
- s.write(DOMUtils.serializeNode(request).getBytes("UTF-8"));
- s.close();
-// Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement();
-// Element request = DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement();
-// call the service
- Element response = caller.verifyXMLSignature(request);
- VerifyXMLSignatureResponseParser vParser = new VerifyXMLSignatureResponseParser(response);
- VerifyXMLSignatureResponse vData = vParser.parseData();
- VerifyXMLSignatureResponseValidator vValidate = VerifyXMLSignatureResponseValidator.getInstance();
- vValidate.validate(vData, authConf.getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK);
- vValidate.validateCertificate(vData,idl);
-
- // check the result
- assertXmlEquals(response, request);
-
- }
-
- public void testVerifyXMLSignature2() throws Exception {
- // Prüft den 2. Aufruf mit dem CreateXMLSIgnatureResponse als Parameter
- //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum
- //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String xmlCreateXMLSignatureResponse = new String(b, "UTF8");
-
- CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse);
-// CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse);
- CreateXMLSignatureResponse csr = cXMLsrp.parseResponse();
-
- VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder();
-
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
-
- Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID());
- // Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement();
-// Element request = DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement();
- Element result;
-/*s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithAuthBlock.xml","rw");
- s.write(DOMUtils.serializeNode(request).getBytes("UTF-8"));
- s.close();*/
- // call the service
- result = caller.verifyXMLSignature(request);
- // check the result
- assertEquals("VerifyXMLSignatureResponse", result.getTagName());
-
- }
-
-
- public void testParseCreateXMLSignatureResponse() throws Exception {
-
- //Später soll die Datei direkt vom Server geholt werden...
-
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/standard/CreateXMLSignatureResponse.xml",
-
- "r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String xmlCreateXMLSignatureResponse = new String(b, "UTF-8");
-
- CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse);
- CreateXMLSignatureResponse csr = cXMLsrp.parseResponse();
-
- }
-
- public void testParseVerifyXMLSignatureResponse() throws Exception {
-
- //Später soll die Datei direkt vom Server geholt werden...
-
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/standard/VerifyXMLSignaterResponse.xml",
-
- "r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String xmlVerifyXMLSignatureResponse = new String(b, "UTF-8");
-
- VerifyXMLSignatureResponseParser vXMLsrp = new VerifyXMLSignatureResponseParser(xmlVerifyXMLSignatureResponse);
- VerifyXMLSignatureResponse vsr = vXMLsrp.parseData();
-
- }
-
-
- }
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java
deleted file mode 100644
index 84f5110b0..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java
+++ /dev/null
@@ -1,29 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.parser;
-
-import junit.awtui.TestRunner;
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AllTests {
-
- public static Test suite() {
- TestSuite suite = new TestSuite();
-
- suite.addTestSuite(IdentityLinkAssertionParserTest.class);
- suite.addTestSuite(SAMLArtifactParserTest.class);
-
- return suite;
- }
-
- public static void main(String[] args) {
- try {
- TestRunner.run(AllTests.class);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java
deleted file mode 100644
index 77eb360bc..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java
+++ /dev/null
@@ -1,137 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.parser;
-
-import iaik.security.rsa.RSAPublicKey;
-
-import java.io.FileOutputStream;
-import java.io.RandomAccessFile;
-import java.security.PublicKey;
-
-import org.w3c.dom.Document;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.parser.ECDSAKeyValueConverter;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class IdentityLinkAssertionParserTest extends UnitTestCase {
-
- IdentityLinkAssertionParser ilap;
-
- public IdentityLinkAssertionParserTest(String name) {
- super(name);
- }
-
- public void setUp() {
- try {
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/testperson1/InfoboxReadResponse.xml",
- "r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String xmlInfoboxReadResponse = new String(b, "UTF-8");
-
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
- ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion());
- }
- catch (Exception e) {
- e.printStackTrace();
- }
- }
-
- public void testParseIdentityLink() throws Exception {
- IdentityLink idl = ilap.parseIdentityLink();
- System.out.println(idl.getGivenName());
- System.out.println(idl.getFamilyName());
- System.out.println(idl.getDateOfBirth());
- System.out.println(idl.getIdentificationValue());
-
- VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder();
-
- // Element zurück bekommen: vx.build(idl.getSamlAssertion());
-
- IdentityLinkValidator idVali = IdentityLinkValidator.getInstance();
- idVali.validate(idl);
-
- }
-
- public void testParseIdentityLinkECC() throws Exception {
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/IL.ResponseToRequest.01.ECDSA.xml",
- "r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String xmlInfoboxReadResponse = new String(b);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
- String SAML = irrp.parseSAMLAssertion();
- ilap = new IdentityLinkAssertionParser(SAML);
- IdentityLink idl = ilap.parseIdentityLink();
- System.out.println(idl.getGivenName());
- System.out.println(idl.getFamilyName());
- System.out.println(idl.getDateOfBirth());
- System.out.println(idl.getIdentificationValue());
-
- VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder();
-
- // Element zurück bekommen: vx.build(idl.getSamlAssertion());
-
- IdentityLinkValidator idVali = IdentityLinkValidator.getInstance();
- idVali.validate(idl);
-
- }
-
- public void testRSAPublicKeys() throws Exception {
- if (ilap.getPublicKeys()[0].getClass().getName().equals("iaik.security.rsa.RSAPublicKey"))
- {
-
- for (int i = 0; i < ilap.getPublicKeys().length; i++) {
- RSAPublicKey result = (RSAPublicKey)ilap.getPublicKeys()[i];
- System.out.println("RSA Public Key No" + i);
- System.out.println("Modulus: " + result.getModulus());
- System.out.println("Exponent: " + result.getPublicExponent());
- }
-
- }
- }
-
- public void testECDSAPublicKeys() throws Exception {
-
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/ECDSAKeyExample.xml",
- "r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String ecdsaKey = new String(b, "UTF-8");
- Document e = DOMUtils.parseDocument(ecdsaKey,true,Constants.ALL_SCHEMA_LOCATIONS, null);
- PublicKey p = ECDSAKeyValueConverter.element2ECDSAPublicKey(e.getDocumentElement());
-
- }
-
-
- public void testDsigCertificates() throws Exception {
-
- String[] result = ilap.getCertificates();
- for (int i = 0; i < result.length; i++) {
-
- System.out.println("DSIG Certificate Length: " + result[i].length() + " No" + i + "\n" + result[i]);
- FileOutputStream raf = new FileOutputStream("data/test/certs/cert" + i + ".cer");
- raf.write(result[i].getBytes());
- raf.flush();
- raf.close();
- }
-
- }
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java
deleted file mode 100644
index 9a878be2c..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.RandomAccessFile;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class InfoboxReadResponseParserTest extends UnitTestCase {
-
- IdentityLinkAssertionParser ilap;
-
- public InfoboxReadResponseParserTest(String name) {
- super(name);
- }
-
- public void setUp() {
- }
-
- public void testParseInfoboxReadResponse() throws Exception {
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/testperson1/InfoboxReadResponse.xml",
- "r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String xmlInfoboxReadResponse = new String(b, "UTF-8");
-
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
- ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion());
-
- IdentityLink idl = ilap.parseIdentityLink();
- System.out.println(idl.getGivenName());
- System.out.println(idl.getFamilyName());
- System.out.println(idl.getDateOfBirth());
- System.out.println(idl.getIdentificationValue());
-
- }
-
- public void testParseInfoboxReadResponseError() throws Exception {
- RandomAccessFile s =
- new RandomAccessFile(
- "data/test/xmldata/ErrorResponse.xml",
- "r");
- byte[] b = new byte[(int) s.length()];
- s.read(b);
- String xmlInfoboxReadResponse = new String(b, "UTF-8");
-
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
- ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion());
-
- IdentityLink idl = ilap.parseIdentityLink();
- System.out.println(idl.getGivenName());
- System.out.println(idl.getFamilyName());
- System.out.println(idl.getDateOfBirth());
- System.out.println(idl.getIdentificationValue());
-
- }
-
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
deleted file mode 100644
index 992e799bd..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
+++ /dev/null
@@ -1,55 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.parser;
-
-import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
-import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
-import at.gv.egovernment.moa.id.util.Random;
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-/*
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLArtifactParserTest extends UnitTestCase {
-
- private static String URL1 = "http://moa.gv.at/auth";
- private static String URL2 = "https://moa.gv.at/auth";
-
- public SAMLArtifactParserTest(String name) {
- super(name);
- }
-
- public void testParseTypeCode() throws Exception {
- String sessionID = Random.nextRandom();
- String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID);
- byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode();
- assertEquals(typeCode[0], 0);
- assertEquals(typeCode[1], 1);
- }
- public void testParseAssertionHandleSameSessionID() throws Exception {
- // SAML artifacts for different authURL's but same sessionID MUST give same assertion handle
- String sessionID = Random.nextRandom();
- String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID);
- String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID);
- String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle();
- String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle();
- assertEquals(assertionHandle1, assertionHandle2);
- }
- public void testParseAssertionHandleSameURL() throws Exception {
- // SAML artifacts for same authURL but different sessionID's MUST give different assertion handles
- String sessionID1 = Random.nextRandom();
- String sessionID2 = Random.nextRandom();
- String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1);
- String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2);
- String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle();
- String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle();
- assertFalse(assertionHandle1.equals(assertionHandle2));
- }
- public void testParseAssertionHandleSameSAMLArtifact() throws Exception {
- // SAML artifact parsed twice MUST give same assertion handle each time
- String sessionID = Random.nextRandom();
- String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID);
- String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
- String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
- assertEquals(assertionHandle1, assertionHandle2);
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java
deleted file mode 100644
index c78651fdb..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package test.at.gv.egovernment.moa.id.auth.servlet;
-
-import org.w3c.dom.Element;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-import at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataService;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Test case instantiates GetAuthenticationDataService and calls the Request() method.
- * It DOES NOT call the web service via Axis.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class GetAuthenticationDataServiceTest extends UnitTestCase implements Constants {
-
- private GetAuthenticationDataService service;
-
- public GetAuthenticationDataServiceTest(String arg0) {
- super(arg0);
- }
- protected void setUp() throws Exception {
- service = new GetAuthenticationDataService();
- }
-
- public void testService2Requests() throws Exception {
- String requestString =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" +
- "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" +
- "<saml:AssertionIDReference>123</saml:AssertionIDReference>" +
- "</samlp:Request>";
- Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- Element response = service.Request(new Element[] {request, request})[0];
- assertStatus(response, "samlp:Requester", "samlp:TooManyResponses");
- }
- public void testServiceNoSAMLArtifact() throws Exception {
- String requestString =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" +
- "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" +
- "<saml:AssertionIDReference>123</saml:AssertionIDReference>" +
- "</samlp:Request>";
- Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- Element response = service.Request(new Element[] {request})[0];
- assertStatus(response, "samlp:Requester", null);
- }
- public void testService2SAMLArtifacts() throws Exception {
- String requestString =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" +
- "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" +
- "<samlp:AssertionArtifact>123</samlp:AssertionArtifact>" +
- "<samlp:AssertionArtifact>456</samlp:AssertionArtifact>" +
- "</samlp:Request>";
- Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- Element response = service.Request(new Element[] {request})[0];
- assertStatus(response, "samlp:Requester", "samlp:TooManyResponses");
- }
- public void testServiceWrongFormat() throws Exception {
- String requestString =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" +
- "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" +
- "</samlp:Request>";
- Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- Element response = service.Request(new Element[] {request})[0];
- assertStatus(response, "samlp:Requester", null);
- }
- public void testServiceWrongSAMLArtifact() throws Exception {
- String requestString =
- "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" +
- "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" +
- "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" +
- "</samlp:Request>";
- Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- Element response = service.Request(new Element[] {request})[0];
- assertStatus(response, "samlp:Requester", "samlp:ResourceNotRecognized");
- }
- private void assertStatus(Element response, String statusCodeShould, String subStatusCodeShould) throws Exception {
- Element statusCodeNode = (Element)XPathUtils.selectSingleNode(response, "//samlp:StatusCode");
- String statusCode = statusCodeNode.getAttribute("Value");
- Element subStatusCodeNode = (Element)XPathUtils.selectSingleNode(statusCodeNode, "//samlp:StatusCode/samlp:StatusCode");
- String subStatusCode = subStatusCodeNode == null ? null : subStatusCodeNode.getAttribute("Value");
- System.out.println(statusCode + subStatusCode);
- assertEquals(statusCodeShould, statusCode);
- assertEquals(subStatusCodeShould, subStatusCode);
- }
-
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java
deleted file mode 100644
index 7935c5179..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java
+++ /dev/null
@@ -1,112 +0,0 @@
-package test.at.gv.egovernment.moa.id.config.auth;
-
-import java.util.Map;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class MOAIDAuthConfigurationProviderTest extends UnitTestCase {
- private AuthConfigurationProvider provider;
-
- /**
- * Constructor for MOAAuthConfigTest.
- * @param name
- */
- public MOAIDAuthConfigurationProviderTest(String name) {
- super(name);
- }
-
- protected void setUp() throws Exception {
-
- provider =
- new AuthConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml");
-
- }
- public void testGetTransformsInfoFileNames() {
- String[] transformsInfoFileNames;
- transformsInfoFileNames = provider.getTransformsInfoFileNames();
-// for (int i = 0; i < transformsInfoFileNames.length; i++) {
-// System.out.println(
-// "getTransformsInfoFileNames: " + transformsInfoFileNames[i]);
- assertEquals(transformsInfoFileNames[0],"http://StringsecLayerTranformsInfo1");
- assertEquals(transformsInfoFileNames[1],"http://StringsecLayerTranformsInfo2");
-// }
-
- }
-
- public void testGetMOASPConnectionParameters() {
- ConnectionParameter cp;
- cp = provider.getMoaSpConnectionParameter();
- assertEquals(cp.getUrl(),"MOA-SP-URL");
- assertEquals(cp.getAcceptedServerCertificates(),"http://AcceptedServerCertificates");
- assertEquals(cp.getClientKeyStorePassword(),"Keystore Pass");
- assertEquals(cp.getClientKeyStore(),"URLtoClientKeystoreAUTH");
-/* System.out.println();
- System.out.println("getMoaSpConnectionParameter :" + cp.getUrl());
- System.out.println(
- "getMoaSpConnectionParameter :" + cp.getAcceptedServerCertificates());
- System.out.println(
- "getMoaSpConnectionParameter :" + cp.getClientKeyStorePassword());
- System.out.println(
- "getMoaSpConnectionParameter :" + cp.getClientKeyStore());*/
- }
- public void testGetMoaSpIdentityLinkTrustProfileID() {
-
- assertEquals(provider.getMoaSpIdentityLinkTrustProfileID(),"StringVerifyIdentiyLinkTrustID");
-
- }
- public void testGetMoaSpAuthBlockTrustProfileID() {
- assertEquals(provider.getMoaSpAuthBlockTrustProfileID(),"StringVerifyAuthBlockTransformID");
- }
-
- public void testGetMoaSpAuthBlockVerifyTransformsInfoIDs() {
- String[] result = provider.getMoaSpAuthBlockVerifyTransformsInfoIDs();
- assertEquals(result[0],"StringVerifyTransformsInfoID1");
- assertEquals(result[1],"StringVerifyTransformsInfoID2");
-
- }
-
- public void testGetOnlineApplicationAuthParameter() {
- OAAuthParameter[] result = provider.getOnlineApplicationParameters();
-
- assertEquals(result[0].getPublicURLPrefix(),"StringOALoginURL");
- assertEquals(result[0].getProvideZMRZahl(),false);
- assertEquals(result[0].getProvideAuthBlock(),false);
- assertEquals(result[0].getProvideIdentityLink(),false);
-
- assertEquals(result[1].getPublicURLPrefix(),"StringOALoginURL2");
- assertEquals(result[1].getProvideZMRZahl(),true);
- assertEquals(result[1].getProvideAuthBlock(),true);
- assertEquals(result[1].getProvideIdentityLink(),true);
-
-
-/* for (int i = 0; i < result.length; i++) {
- System.out.println();
- System.out.println("getOnlineApplicationParameters Url: " + result[i].getUrl());
- System.out.println("getOnlineApplicationParameters ProvideZMRZahl: " + result[i].getProvideZMRZahl());
- System.out.println("getOnlineApplicationParameters ProvideAuthBlock: " + result[i].getProvideAuthBlock());
- System.out.println("getOnlineApplicationParameters ProvideIdentityLink: " + result[i].getProvideIdentityLink());
- }*/
- }
-
- public void testGetGenericConfiguration() {
- Map result = provider.getGenericConfiguration();
- assertEquals(result.containsKey("Generic Name 1"),true);
- assertEquals(result.containsKey("Generic Name 2"),true);
- assertEquals(result.get("Generic Name 1"),"Value1");
- assertEquals(result.get("Generic Name 2"),"Value2");
- /* for (Iterator iter = result.keySet().iterator(); iter.hasNext();) {
- String element = (String) iter.next();
- System.out.println("getGenericConfiguration Key:" + element);
- System.out.println("getGenericConfiguration Value:" + result.get(element));
- }*/
- }
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java
deleted file mode 100644
index 12eddf8c3..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java
+++ /dev/null
@@ -1,127 +0,0 @@
-package test.at.gv.egovernment.moa.id.config.proxy;
-
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class MOAIDProxyConfigurationProviderTest extends UnitTestCase {
- private ProxyConfigurationProvider provider;
-
- /**
- * Constructor for MOAProxyConfigTest.
- * @param name
- */
- public MOAIDProxyConfigurationProviderTest(String name) {
- super(name);
- }
-
- protected void setUp() throws Exception {
-
- provider =
-// new ProxyConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml");
- new ProxyConfigurationProvider("data/deploy/conf/moa-id/ConfigurationTest.xml");
- }
- public void testGetAuthComponentConnectionParameter()
- {
- ConnectionParameter cp;
- cp = provider.getAuthComponentConnectionParameter();
- assertEquals(cp.getUrl(),"AuthComponentURL");
- assertEquals( cp.getAcceptedServerCertificates(),"http://www.altova.com");
- assertEquals(cp.getClientKeyStorePassword(),"String");
- assertEquals(cp.getClientKeyStore(),"http://www.altova.com");
- /* System.out.println();
- System.out.println("getProxyComponentConnectionParameter :" + cp.getUrl());
- System.out.println(
- "getProxyComponentConnectionParameter :" + cp.getAcceptedServerCertificates());
- System.out.println(
- "getProxyComponentConnectionParameter :" + cp.getClientKeyStorePassword());
- System.out.println(
- "getProxyComponentConnectionParameter :" + cp.getClientKeyStore());*/
-}
-
- public void testGetOAProxyParameter() {
- OAProxyParameter[] result = provider.getOnlineApplicationParameters();
-
- assertEquals("http://localhost:9080/", result[0].getPublicURLPrefix());
- assertEquals("file:data/test/conf/OAConfParamAuth.xml", result[0].getConfigFileURL());
- assertEquals(10, result[0].getSessionTimeOut());
- assertEquals("StringloginParameterResolverImpl1", result[0].getLoginParameterResolverImpl());
- assertEquals("StringconnectionBuilderImpl1", result[0].getConnectionBuilderImpl());
-
- assertEquals("ProxyComponentURL", result[0].getConnectionParameter().getUrl());
- assertEquals("url:AcceptedServerCertificates", result[0].getConnectionParameter().getAcceptedServerCertificates());
- assertEquals("URL:toClientKeystoreOA", result[0].getConnectionParameter().getClientKeyStore());
- assertEquals("ClientKeystoreOAPAss", result[0].getConnectionParameter().getClientKeyStorePassword());
-
- assertEquals("StringOALoginURL2", result[1].getPublicURLPrefix());
- assertEquals("file:data/test/conf/OAConfHeaderAuth.xml", result[1].getConfigFileURL());
- assertEquals(20, result[1].getSessionTimeOut());
- assertEquals("StringloginParameterResolverImpl2",result[1].getLoginParameterResolverImpl());
- assertEquals("StringconnectionBuilderImpl2", result[1].getConnectionBuilderImpl());
-
- assertEquals("ProxyComponentURL2", result[1].getConnectionParameter().getUrl());
- assertEquals("url:AcceptedServerCertificates2", result[1].getConnectionParameter().getAcceptedServerCertificates());
- assertEquals("URL:toClientKeystoreOA2", result[1].getConnectionParameter().getClientKeyStore());
- assertEquals("ClientKeystoreOAPAss2", result[1].getConnectionParameter().getClientKeyStorePassword());
-
- assertEquals("StringOALoginURL3", result[2].getPublicURLPrefix());
- assertEquals("file:data/test/conf/OAConfBasicAuth.xml", result[2].getConfigFileURL());
- assertEquals(20, result[2].getSessionTimeOut());
- assertEquals("StringloginParameterResolverImpl3",result[2].getLoginParameterResolverImpl());
- assertEquals("StringconnectionBuilderImpl3", result[2].getConnectionBuilderImpl());
-
- assertEquals("ProxyComponentURL3", result[2].getConnectionParameter().getUrl());
- assertEquals("url:AcceptedServerCertificates3", result[2].getConnectionParameter().getAcceptedServerCertificates());
- assertEquals("URL:toClientKeystoreOA3", result[2].getConnectionParameter().getClientKeyStore());
- assertEquals("ClientKeystoreOAPAss3", result[2].getConnectionParameter().getClientKeyStorePassword());
- }
-
- public void testGetGenericConfiguration() {
- Map result = provider.getGenericConfiguration();
- assertEquals(true, result.containsKey("authenticationSessionTimeOut"));
- assertEquals(true, result.containsKey("authenticationDataTimeOut"));
- assertEquals("600", result.get("authenticationSessionTimeOut"));
- assertEquals("120", result.get("authenticationDataTimeOut"));
- }
-
- public void testOAConfigurationProvider() throws Exception
- {
- OAProxyParameter[] result = provider.getOnlineApplicationParameters();
- // für jeden Parameter müsste theoretisch bereits ein Provider instanziiert worden sein,
- // aus diesem Grund braucht man NICHT mehr die File-URL anzugeben, PublicURLPrefix reicht
-
- // sollte ParamAuth sein
- OAConfiguration oac1 = result[0].getOaConfiguration();
- assertEquals(OAConfiguration.PARAM_AUTH, oac1.getAuthType());
- assertEquals("MOADateOfBirth", oac1.getParamAuthMapping().get("Param1"));
- assertEquals("MOAVPK", oac1.getParamAuthMapping().get("Param2"));
- // sollte HeaderAuth sein
- OAConfiguration oac2 = result[1].getOaConfiguration();
- assertEquals(OAConfiguration.HEADER_AUTH, oac2.getAuthType());
- assertEquals("MOAPublicAuthority", oac2.getHeaderAuthMapping().get("Param1"));
- assertEquals("MOABKZ", oac2.getHeaderAuthMapping().get("Param2"));
- assertEquals("MOAQualifiedCertificate", oac2.getHeaderAuthMapping().get("Param3"));
- assertEquals("MOAZMRZahl", oac2.getHeaderAuthMapping().get("Param4"));
- assertEquals("MOAIPAddress", oac2.getHeaderAuthMapping().get("Param5"));
-
- // sollte BasicAuth sein
- OAConfiguration oac3 = result[2].getOaConfiguration();
- assertEquals(OAConfiguration.BASIC_AUTH, oac3.getAuthType());
- assertEquals("MOAGivenName", oac3.getBasicAuthUserIDMapping());
- assertEquals("MOAFamilyName", oac3.getBasicAuthPasswordMapping());
- //Fehlerfall:
-
-
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java
deleted file mode 100644
index 2dd6cd35e..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java
+++ /dev/null
@@ -1,31 +0,0 @@
-package test.at.gv.egovernment.moa.id.proxy;
-
-import test.at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilderTest;
-import test.at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParserTest;
-import junit.awtui.TestRunner;
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-/**
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AllTests {
-
- public static Test suite() {
- TestSuite suite = new TestSuite();
-
- suite.addTestSuite(SAMLRequestBuilderTest.class);
- suite.addTestSuite(SAMLResponseParserTest.class);
-
- return suite;
- }
-
- public static void main(String[] args) {
- try {
- TestRunner.run(AllTests.class);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java
deleted file mode 100644
index aec14ce1c..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java
+++ /dev/null
@@ -1,462 +0,0 @@
-package test.at.gv.egovernment.moa.id.proxy.builder;
-
-import java.io.PrintStream;
-import java.util.ArrayList;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.NamedNodeMap;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Text;
-
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * @author Administrator
- *
- * To change this generated comment edit the template variable "typecomment":
- * Window>Preferences>Java>Templates.
- * To enable and disable the creation of type comments go to
- * Window>Preferences>Java>Code Generation.
- */
-public class DOMTreeCompare {
-
- boolean debug = true;
-
- private static PrintStream Log = null;
-
- static
- {
- Log = System.out;
- }
-
- public boolean compareElements(Element root1, Element root2)
- {
- //Log.println("----- Compare Elements:"+root1.getNodeName()+" "+root2.getNodeName());
- filterTree(root1);
- filterTree(root2);
- return compareNodes(root1,root2,0,"root/",false);
- }
-
- private boolean compareNodes(Node n1, Node n2, int level,String path,boolean attribute)
- {
- /*try {
- Log.println(DOMUtils.serializeNode(n1));
- }
- catch(Exception e)
- {
- e.printStackTrace();
- }*/
- boolean equal = false;
- //Log.println("----- Compare Node "+level+":"+n1+" "+n2);
- //Log.println("----- Compare Node "+level+":"+n1.getNodeName()+" "+n2.getNodeName());
- //Log.println("----- Checking:"+path+getPathString(n1));
- NodeList nl1 = n1.getChildNodes();
- NodeList nl2 = n2.getChildNodes();
-
- int size1 = nl1.getLength();
- int size2 = nl2.getLength();
-
- if(debug)display_one(n1);
- if(debug)display_one(n2);
-
-
- if(debug)
- if(n1.getNodeName().equals("Base64Content") && n2.getNodeName().equals("Base64Content"))
- {
- try {
- Log.println("CONT:"+new String(Base64Utils.decode(strip(n1.getChildNodes().item(0).getNodeValue()),false)));
- Log.println("CONT:"+new String(Base64Utils.decode(strip(n2.getChildNodes().item(0).getNodeValue()),false)));
- }
- catch(Exception e)
- {
- e.printStackTrace();
- }
- }
-
- if(size1 != size2)
- {
- Log.println("----- Anzahl der Kinder nicht gleich:"+path+getPathString(n1)+":"+getPathString(n2));
- return false;
- }
-
- equal = compareNodeExact(n1,n2,level,path+getPathString(n1)+"/");
- if(!equal)
- {
- Log.println("----- Knoten sind nicht identisch:"+path+getPathString(n1));
- return false;
- }
-
- if(n1.hasAttributes() || n2.hasAttributes())
- {
- equal = compareNodeAttriubtes(n1,n2,level+1,path+getPathString(n1)+"/(a)");
- if(!equal)
- {
- Log.println("----- Attribute stimmen nicht überein:"+path+getPathString(n1));
- return false;
- }
- }
- if(size1==0)
- {
- return true;
- }
-
- for(int counter=0;counter<size1;counter++)
- {
- boolean found = false;
- Node comp_n1 = nl1.item(counter);
-
- //if(comp_n1==null) return false;
-
- Node comp_n2 = null;
- size2 = nl2.getLength();
- for(int counter2=0;counter2<size2;counter2++)
- {
- comp_n2 = nl2.item(counter2);
-
- /*equal = compareNodeExact(comp_n1,comp_n2,level+1);
- if(equal) return false;*/
- //Log.println("COMP_N1:"+comp_n1);
- //Log.println("COMP_N2:"+comp_n2);
- equal = compareNodes(comp_n1,comp_n2,level+1,path+getPathString(comp_n1)+"/",false);
- if(equal)
- {
- n2.removeChild(comp_n2);
- counter2=size2;
- nl2 = n2.getChildNodes();
- size2 = nl2.getLength();
- }
-
- }
-
- if(!equal)
- {
- Log.println("----- Keine Übereinstimmung gefunden:"+path+getPathString(comp_n1));
- return false;
- }
- }
- return true;
- }
-
- private boolean compareNodeExact(Node n1,Node n2,int level,String path)
- {
- if(n1.getNodeType() == Node.TEXT_NODE)
- {
- Text textnode = (Text)n1;
- /*Log.println("----- *****"+textnode.getNodeName());
- Log.println("----- *****"+textnode.getParentNode().getNodeName());
- Log.println("----- *****"+textnode.getNodeValue());*/
- }
-
- //Log.println("----- Checking:"+path);
- String n1_name = n1.getNodeName();
- String n2_name = n2.getNodeName();
- /*Log.println("----- !!!!!"+n1.getNodeName());
- Log.println("----- !!!!!"+n1.getNodeValue());
- Log.println("----- !!!!!"+n1.getLocalName());
- Log.println("----- !!!!!"+n1.getPrefix());
- Log.println("----- !!!!!"+n1.getNextSibling());
- Log.println("----- !!!!!"+n1.getPreviousSibling());*/
-
- //Log.println("----- Compare Node "+level+":"+n1_name+" "+n2_name);
- if(!((n1_name==null && n2_name==null) ||
- (n1_name!=null && n2_name!=null && n1_name.equals(n2_name))))
- {
- Log.println("----- Name stimmt nicht überein:"+path);
- return false;
- }
-
- //Log.println("----- Compare Node "+level+":"+n1.getNodeType()+" "+n2.getNodeType());
- if(n1.getNodeType() != n2.getNodeType())
- {
- Log.println("----- Knotentyp stimmt nicht überein:"+path);
- return false;
- }
-
- String n1_ns = n1.getPrefix();
- String n2_ns = n2.getPrefix();
- //Log.println("----- Compare Node "+level+":"+n1_ns+" "+n2_ns);
- if(!((n1_ns==null && n2_ns==null) ||
- (n1_ns!=null && n2_ns!=null && n1_ns.equals(n2_ns))))
- {
- Log.println("----- NameSpace stimmt nicht überein:"+path);
- return false;
- }
-
- String n1_value = n1.getNodeValue();
- String n2_value = n2.getNodeValue();
-
- boolean special = false;
- special = specialValues(n1_value,n2_value,path);
- if(special) return true;
-
- //Log.println("----- Compare Node "+level+":"+n1_value+" "+n2_value);
- if(!((n1_value==null && n2_value==null) ||
- (n1_value!=null && n2_value!=null && n1_value.equals(n2_value))))
- {
- Log.println("----- Wert stimmt nicht überein:"+path);
- Log.println("----- Value1:\n"+n1_value);
- Log.println("----- Value2:\n"+n2_value);
- return false;
- }
-
-
- return true;
- }
-
- private boolean compareNodeAttriubtesWithoutSize(Node n1, Node n2, int level,String path)
- {
- return true;
- }
-
- private boolean compareNodeAttriubtes(Node n1, Node n2, int level,String path)
- {
- //Log.println("----- Compare NodeAttributes "+level+":"+n1.getNodeName()+" "+n2.getNodeName());
- Element n1elem = (Element)n1;
- Element n2elem = (Element)n2;
-
- NamedNodeMap nnm1 = n1.getAttributes();
- NamedNodeMap nnm2 = n2.getAttributes();
-
- int size1 = 0;
- int size2 = 0;
-
- boolean specialattrs = specialAttributesSize(path);
-
- if(!specialattrs)
- {
-
- if(nnm1==null && nnm2==null) return true;
- if(nnm1==null || nnm2==null)
- {
- Log.println("----- Anzahl der Attribute nicht gleich:"+path+":"+getPathString(n1));
- return false;
- }
- size1 = nnm1.getLength();
- size2 = nnm2.getLength();
-
- if(size1 != size2)
- {
- Log.println("----- Anzahl der Attribute nicht gleich:"+path+":"+getPathString(n1));
- return false;
- }
-
- }
- else
- {
- return compareNodeAttriubtesWithoutSize(n1,n2,level,path);
- }
-
- for(int counter=0;counter<size1;counter++)
- {
- Node attribute_node1 = nnm1.item(counter);
- Node attribute_node2 = nnm2.item(counter);
-
- String attr1_name = attribute_node1.getNodeName();
- String attr2_name = attribute_node2.getNodeName();
-
- String value1 = n1elem.getAttribute(attr1_name);
- String value2 = n2elem.getAttribute(attr2_name);
-
- boolean special = false;
-
- special = specialAttributes(path,attr1_name,value1,attr2_name,value2);
- if(special)
- {
- return special;
- }
-
- if(!value1.equals(value2))
- {
- Log.println("----- Keine Übereinstimmung gefunden:"+path+getPathString(n1));
- return false;
- }
- }
-
- return true;
- }
-
- private boolean checkNode(Node base,String name)
- {
- if(base.getNodeName().equals(name))
- {
- return true;
- }
-
- NodeList children = base.getChildNodes();
- int size = children.getLength();
- for(int counter=0;counter<size;counter++)
- {
- boolean found = checkNode(children.item(counter),name);
- if(found) return true;
- }
- return false;
- }
-
- private void display_one(Node base)
- {
- int att_size=0;
- if(base.getAttributes()!=null)
- {
- att_size=base.getAttributes().getLength();
- }
- if(base.getNodeName().equals("#text"))
- Log.println(base.getNodeName()+base.getChildNodes().getLength()+":"+att_size+" ("+base.getNodeValue()+")");
- else
- Log.println(base.getNodeName()+base.getChildNodes().getLength()+":"+att_size);
- }
-
- private void display(Node base)
- {
- display(base,1);
- }
-
- private void display(Node base,int level)
- {
- String spacer = "";
- for(int counter=0;counter<level;counter++)
- {
- spacer+=" ";
- }
-
- int att_size=0;
- if(base.getAttributes()!=null)
- {
- att_size=base.getAttributes().getLength();
- }
- if(base.getNodeName().equals("#text"))
- Log.println(spacer+base.getNodeName()+base.getChildNodes().getLength()+":"+att_size+" ("+base.getNodeValue()+")");
- else
- Log.println(spacer+base.getNodeName()+base.getChildNodes().getLength()+":"+att_size);
-
- NodeList children = base.getChildNodes();
- int size = children.getLength();
- for(int counter=0;counter<size;counter++)
- {
- display(children.item(counter),level+1);
- }
- }
-
- private void filterTree(Node base)
- {
- ArrayList removeList = new ArrayList();
-
- NodeList children = base.getChildNodes();
- int size = children.getLength();
- for(int counter=0;counter<size;counter++)
- {
- Node child1 = children.item(counter);
- if(child1.getNodeType() == Node.TEXT_NODE && child1.getNodeValue().trim().equals(""))
- {
- removeList.add(child1);
- }
- }
-
- size = removeList.size();
- for(int counter=0;counter<size;counter++)
- {
- base.removeChild((Node)removeList.get(counter));
- }
-
- children = base.getChildNodes();
- size = children.getLength();
- for(int counter=0;counter<size;counter++)
- {
- filterTree(children.item(counter));
- }
-
- }
-
- private String getPathString(Node n)
- {
- if(n.getNodeType()==Node.TEXT_NODE)
- {
- return n.getParentNode().getNodeName()+"(text)";
- }
- else
- {
- return n.getNodeName();
- }
-
- }
-
- public boolean specialAttributes(String path,String attr1_name,String value1,String attr2_name,String value2)
- {
- //if(value1.startsWith("reference-") && value2.startsWith("reference-")) return true;
- //if(value1.startsWith("signature-") && value2.startsWith("signature-")) return true;
-
- return false;
- }
-
- public boolean specialAttributesSize(String path)
- {
- //if(path.endsWith("/xsl:template/(a)")) return true;
- return false;
- }
-
- public boolean specialValues(String value1,String value2,String path)
- {
-
- //Log.println(path);
- /*if(ignoreSignatureValue)
- {
- if(path.endsWith("/dsig:SignatureValue(text)/"))
- {
- return true;
- }
- }
- else
- {
- if(path.endsWith("/dsig:SignatureValue(text)/"))
- {
- String stripped_1 = strip(value1);
- String stripped_2 = strip(value2);
- return stripped_1.equals(stripped_2);
- }
- }*/
-
- return false;
- }
-
- private String strip(String input)
- {
- String output = replaceStringAll(input," ","");
- output = replaceStringAll(output,"\n","");
- output = replaceStringAll(output,"\r","");
- return output;
- }
-
- private static String replaceStringAll(
- String input,
- String oldPart,
- String newPart)
- {
-
- String erg = null;
-
- int pos = input.indexOf(oldPart);
- if(pos==-1) return input;
-
- while(true)
- {
-
- //First Part
- pos = input.indexOf(oldPart);
- if(pos==-1) break;
- erg = input.substring(0, pos);
-
- //Insert new Part
- erg += newPart;
-
- //insert REST
- erg
- += input.substring(
- input.indexOf(oldPart) + oldPart.length(),
- input.length());
-
- input = erg;
- }
- return erg;
- }
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java
deleted file mode 100644
index b6eda3c39..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java
+++ /dev/null
@@ -1,32 +0,0 @@
-package test.at.gv.egovernment.moa.id.proxy.builder;
-
-import org.w3c.dom.Element;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
-import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/*
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLRequestBuilderTest extends UnitTestCase {
-
- public SAMLRequestBuilderTest(String arg0) {
- super(arg0);
- }
-
- public void testBuild() throws Exception {
- String requestID = "123";
- String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890");
- String REQUEST_SHOULD = "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" +
- requestID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"IGNORE\">" +
- "<samlp:AssertionArtifact>" + samlArtifact + "</samlp:AssertionArtifact>" +
- "</samlp:Request>";
- Element request = new SAMLRequestBuilder().build(requestID, samlArtifact);
- Element requestShould = DOMUtils.parseDocument(REQUEST_SHOULD, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- assertTrue(new SAMLRequestCompare().compareElements(requestShould, request));
- }
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java
deleted file mode 100644
index 5685129a1..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java
+++ /dev/null
@@ -1,19 +0,0 @@
-package test.at.gv.egovernment.moa.id.proxy.builder;
-
-/*
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLRequestCompare extends test.at.gv.egovernment.moa.id.proxy.builder.DOMTreeCompare {
-
-
- /*
- * @see at.gv.egovernment.moa.util.SAMLRequestCompare#specialAttributes(java.lang.String, java.lang.String)
- */
- public boolean specialAttributes(String path,String attr1_name,String value1,String attr2_name,String value2) {
- if(attr1_name.equals("IssueInstant"))
- return true;
- return false;
- }
-
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java
deleted file mode 100644
index 39e7240d1..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java
+++ /dev/null
@@ -1,180 +0,0 @@
-package test.at.gv.egovernment.moa.id.proxy.parser;
-
-import org.w3c.dom.Element;
-
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.SAMLStatus;
-import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/*
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLResponseParserTest extends UnitTestCase {
-
- public SAMLResponseParserTest(String arg0) {
- super(arg0);
- }
-
- public void testParse() throws Exception {
- String samlResponse =
- "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
- "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"" +
- " ResponseID=\"\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-03-29T06:00:00+02:00\">" +
- "<samlp:Status>" +
- "<samlp:StatusCode Value=\"samlp:Success\"><samlp:StatusCode Value=\"samlp:Success\"></samlp:StatusCode></samlp:StatusCode>" +
- "<samlp:StatusMessage>Ollas leiwand</samlp:StatusMessage>" +
- "</samlp:Status>" +
-"<saml:Assertion xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:pr=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" MajorVersion=\"1\" MinorVersion=\"0\" AssertionID=\"-4633313027464114584\" Issuer=\"http://localhost:8080/moa-id-auth/\" IssueInstant=\"2003-04-02T14:55:42+02:00\">" +
- "<saml:AttributeStatement>" +
- "<saml:Subject>" +
- "<saml:NameIdentifier NameQualifier=\"http://reference.e-government.gv.at/names/vpk/20020221#\">MTk2OC0xMC0yMmdi</saml:NameIdentifier>" +
- "<saml:SubjectConfirmation>" +
- "<saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>" +
- "<saml:SubjectConfirmationData>" +
- "<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" MajorVersion=\"1\" MinorVersion=\"0\" AssertionID=\"any\" Issuer=\"Hermann Muster\" IssueInstant=\"2003-04-02T14:55:27+02:00\">" +
- "<saml:AttributeStatement>" +
- "<saml:Subject>" +
- "<saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>" +
- "</saml:Subject>" +
- "<saml:Attribute AttributeName=\"Geschäftsbereich\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" +
- "<saml:AttributeValue>gb</saml:AttributeValue>" +
- "</saml:Attribute>" +
- "<saml:Attribute AttributeName=\"OA\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" +
- "<saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>" +
- "</saml:Attribute>" +
- "</saml:AttributeStatement>" +
- "</saml:Assertion>" +
- "<saml:Assertion AssertionID=\"zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474\" IssueInstant=\"2003-02-12T20:28:34.474\" Issuer=\"http://zmr.bmi.gv.at/zmra/names#Issuer\" MajorVersion=\"1\" MinorVersion=\"0\" xmlns:pr=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" +
- "<saml:AttributeStatement>" +
- "<saml:Subject>" +
- "<saml:SubjectConfirmation>" +
- "<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>" +
- "<saml:SubjectConfirmationData>" +
- "<pr:Person xsi:type=\"pr:PhysicalPersonType\">" +
- "<pr:Identification>" +
- "<pr:Value>123456789012</pr:Value>" +
- "<pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>" +
- "</pr:Identification>" +
- "<pr:Name>" +
- "<pr:GivenName>Hermann</pr:GivenName>" +
- "<pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName>" +
- "</pr:Name>" +
- "<pr:DateOfBirth>1968-10-22</pr:DateOfBirth>" +
- "</pr:Person>" +
- "</saml:SubjectConfirmationData>" +
- "</saml:SubjectConfirmation>" +
- "</saml:Subject>" +
- "<saml:Attribute AttributeName=\"CitizenPublicKey\" AttributeNamespace=\"http://www.buergerkarte.at/namespaces/personenbindung/20020506#\">" +
- "<saml:AttributeValue>" +
- "<dsig:RSAKeyValue xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" +
- "<dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a f2daYYuO8dycQw3xg6U=</dsig:Modulus>" +
- "<dsig:Exponent>AQAB</dsig:Exponent>" +
- "</dsig:RSAKeyValue>" +
- "</saml:AttributeValue>" +
- "</saml:Attribute>" +
- "<saml:Attribute AttributeName=\"CitizenPublicKey\" AttributeNamespace=\"http://www.buergerkarte.at/namespaces/personenbindung/20020506#\">" +
- "<saml:AttributeValue>" +
- "<dsig:RSAKeyValue xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" +
- "<dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn pIpdAwR9sw5xnIvTySc=</dsig:Modulus>" +
- "<dsig:Exponent>AQAB</dsig:Exponent>" +
- "</dsig:RSAKeyValue>" +
- "</saml:AttributeValue>" +
- "</saml:Attribute>" +
- "</saml:AttributeStatement>" +
- "<dsig:Signature xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" +
- "<dsig:SignedInfo>" +
- "<dsig:CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\"/>" +
- "<dsig:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>" +
- "<dsig:Reference URI=\"\">" +
- "<dsig:Transforms>" +
- "<dsig:Transform Algorithm=\"http://www.w3.org/TR/1999/REC-xpath-19991116\">" +
- "<dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>" +
- "</dsig:Transform>" +
- "<dsig:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>" +
- "</dsig:Transforms>" +
- "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" +
- "<dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue>" +
- "</dsig:Reference>" +
- "<dsig:Reference Type=\"http://www.w3.org/2000/09/xmldsig#Manifest\" URI=\"\">" +
- "<dsig:Transforms>" +
- "<dsig:Transform Algorithm=\"http://www.w3.org/TR/1999/REC-xpath-19991116\">" +
- "<dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath>" +
- "</dsig:Transform>" +
- "</dsig:Transforms>" +
- "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" +
- "<dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue>" +
- "</dsig:Reference>" +
- "</dsig:SignedInfo>" +
- "<dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz 5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP 3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue>" +
- "<dsig:KeyInfo>" +
- "<dsig:X509Data>" +
- "<dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 +UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 Btxup/kgjGMnnS7C</dsig:X509Certificate>" +
- "<dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia 2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv 7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate>" +
- "<dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB /wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 kFfp23o/juVtJNw=</dsig:X509Certificate>" +
- "</dsig:X509Data>" +
- "</dsig:KeyInfo>" +
- "<dsig:Object>" +
- "<dsig:Manifest>" +
- "<dsig:Reference URI=\"\">" +
- "<dsig:Transforms>" +
- "<dsig:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>" +
- "</dsig:Transforms>" +
- "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" +
- "<dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue>" +
- "</dsig:Reference>" +
- "</dsig:Manifest>" +
- "</dsig:Object>" +
- "</dsig:Signature>" +
- "</saml:Assertion>" +
- "</saml:SubjectConfirmationData>" +
- "</saml:SubjectConfirmation>" +
- "</saml:Subject>" +
- "<saml:Attribute AttributeName=\"PersonData\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\">" +
- "<saml:AttributeValue>" +
- "<pr:Person xsi:type=\"pr:PhysicalPersonType\">" +
- "<pr:Identification>" +
- "<pr:Value>123456789012</pr:Value>" +
- "<pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>" +
- "</pr:Identification>" +
- "<pr:Name>" +
- "<pr:GivenName>Hermann</pr:GivenName>" +
- "<pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName>" +
- "</pr:Name>" +
- "<pr:DateOfBirth>1968-10-22</pr:DateOfBirth>" +
- "</pr:Person>" +
- "</saml:AttributeValue>" +
- "</saml:Attribute>" +
- "<saml:Attribute AttributeName=\"isQualifiedCertificate\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" +
- "<saml:AttributeValue>true</saml:AttributeValue>" +
- "</saml:Attribute>" +
- "</saml:AttributeStatement>" +
-"</saml:Assertion>" +
- "</samlp:Response>";
-
- Element samlResponseElem =
- DOMUtils.parseDocument(samlResponse, true, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- SAMLResponseParser parser = new SAMLResponseParser(samlResponseElem);
- SAMLStatus status = parser.parseStatusCode();
- assertEquals("samlp:Success", status.getStatusCode());
- assertEquals("samlp:Success", status.getSubStatusCode());
- assertEquals("Ollas leiwand", status.getStatusMessage());
- AuthenticationData authData = parser.parseAuthenticationData();
- assertEquals(1, authData.getMajorVersion());
- assertEquals(0, authData.getMinorVersion());
- assertEquals("-4633313027464114584", authData.getAssertionID());
- assertEquals("http://localhost:8080/moa-id-auth/", authData.getIssuer());
- assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstant());
- assertEquals("123456789012", authData.getIdentificationValue());
- assertEquals("MTk2OC0xMC0yMmdi", authData.getVPK());
- assertEquals("Hermann", authData.getGivenName());
- assertEquals("Muster", authData.getFamilyName());
- assertEquals("1968-10-22", authData.getDateOfBirth());
- assertTrue(authData.isQualifiedCertificate());
- assertFalse(authData.isPublicAuthority());
- }
-}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java b/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java
deleted file mode 100644
index 351ca0bd5..000000000
--- a/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java
+++ /dev/null
@@ -1,92 +0,0 @@
-package test.at.gv.egovernment.moa.id.util;
-
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-import java.net.URL;
-import java.security.Security;
-
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLSocketFactory;
-
-import com.sun.net.ssl.HttpsURLConnection;
-
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import test.at.gv.egovernment.moa.id.UnitTestCase;
-
-/*
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SSLUtilsTest extends UnitTestCase {
-
- public SSLUtilsTest(String name) {
- super(name);
- }
-
- protected void setUp() throws Exception {
- //System.setProperty("javax.net.debug", "all");
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
- IAIKX509TrustManager.initLog(new LoggerConfigImpl("file:" + TESTDATA_ROOT + "conf/log4j.properties"));
- System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5");
- }
-
- public void testVerisignOK() throws Exception {
- doTestOA("conf/ConfigurationTest.xml", "http://verisign.moa.gv.at/", true, null);
- }
- public void testATrustOK() throws Exception {
- doTestOA("conf/ConfigurationTest.xml", "http://a-trust.moa.gv.at/", true, null);
- }
- public void testBaltimoreOK() throws Exception {
- doTestOA("conf/ConfigurationTest.xml", "http://baltimore.moa.gv.at/", true, null);
- }
- public void testCIOOK() throws Exception {
- doTestOA("conf/ConfigurationTest.xml", "http://cio.moa.gv.at/", true, null);
- }
- public void testMOASPOK() throws Exception {
- System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME,
- TESTDATA_ROOT + "conf/ConfigurationTest.xml");
- ConnectionParameter connParam = AuthConfigurationProvider.getInstance().getMoaSpConnectionParameter();
- doTest(connParam, true, null);
- }
- private void doTestOA(String configFile, String publicURLPrefix, boolean shouldOK, String exMessageFragment) throws Exception {
- System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME,
- TESTDATA_ROOT + configFile);
- ProxyConfigurationProvider proxyConf =
- ProxyConfigurationProvider.getInstance();
- OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix);
- ConnectionParameter connParam = oaParam.getConnectionParameter();
- doTest(connParam, shouldOK, exMessageFragment);
- }
- private void doTest(ConnectionParameter connParam, boolean shouldOK, String exMessageFragment) throws Exception {
- SSLUtils.initialize();
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
- SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, connParam);
- URL url = new URL(connParam.getUrl());
- HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
- conn.setRequestMethod("GET");
- conn.setDoInput(true);
- conn.setDoOutput(true);
- conn.setUseCaches(false);
- conn.setAllowUserInteraction(false);
- conn.setSSLSocketFactory(ssf);
- try {
- conn.connect();
- assertTrue(shouldOK);
- assertEquals(200, conn.getResponseCode());
- conn.disconnect();
- }
- catch (SSLException ex) {
- ex.printStackTrace();
- assertFalse(shouldOK);
- assertTrue(ex.getMessage().indexOf(exMessageFragment) >= 0);
- }
- }
-
-}
diff --git a/id.server/src/test/lasttest/Dispatcher.java b/id.server/src/test/lasttest/Dispatcher.java
deleted file mode 100644
index ad8f10fb4..000000000
--- a/id.server/src/test/lasttest/Dispatcher.java
+++ /dev/null
@@ -1,64 +0,0 @@
-package test.lasttest;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class Dispatcher extends Thread {
- private LasttestClient parent = null;
- private int max;
- private int turns;
- private int turn_counter;
- private int turn;
- private int time;
- private long sum;
- private int turnnum;
-
- public Dispatcher(LasttestClient parent, int max, int turns, int time, long sum) {
- this.parent = parent;
- this.max = max;
- this.turns = turns;
- this.time = time;
- this.sum = sum;
- turnnum=0;
- }
-
- public void run() {
- this.setPriority(Thread.NORM_PRIORITY + 1);
- System.out.println("Dispatcher wird gestartet...");
- TestThread[] old_reqs = buildRequests(0);
- for (turn_counter = 0; turns == 0 ? true : (turn_counter < turns); turn_counter++) {
- try {
-// LasttestClient.Log.write(("Starte Durchlauf " + turn_counter + "\n").getBytes());
- }
- catch (Exception e) {}
-
-// System.out.println("Starte Durchlauf " + turn_counter);
- turn = turn_counter;
- if (turns == 0)
- turn_counter--;
- TestThread[] reqs = buildRequests(turn_counter);
- for (int counter = 0; counter < max; counter++) {
- old_reqs[counter].start();
- }
- old_reqs = reqs;
- try {
- Thread.sleep(time);
- }
- catch (Exception e) {
- e.printStackTrace();
- }
- }
- parent.stop = true;
- }
-
- public TestThread[] buildRequests(int turnNo) {
- TestThread[] ret = new TestThread[max];
- for (int counter = 0; counter < max; counter++) {
-// turnnum ++;
- ret[counter] = new TestThread(parent, turnNo);
- }
- return ret;
- }
-}
diff --git a/id.server/src/test/lasttest/HostnameVerifierHack.java b/id.server/src/test/lasttest/HostnameVerifierHack.java
deleted file mode 100644
index cf34b621a..000000000
--- a/id.server/src/test/lasttest/HostnameVerifierHack.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package test.lasttest;
-
-import com.sun.net.ssl.HostnameVerifier;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class HostnameVerifierHack implements HostnameVerifier{
- public boolean verify(String arg0, String arg1) {
- return true;
- }}
diff --git a/id.server/src/test/lasttest/LasttestClient.java b/id.server/src/test/lasttest/LasttestClient.java
deleted file mode 100644
index bad5161ba..000000000
--- a/id.server/src/test/lasttest/LasttestClient.java
+++ /dev/null
@@ -1,218 +0,0 @@
-package test.lasttest;
-
-import java.io.FileOutputStream;
-import java.io.OutputStream;
-import java.io.PrintStream;
-import java.security.Security;
-import java.util.Date;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.StreamUtils;
-import at.gv.egovernment.moa.util.URLDecoder;
-import at.gv.egovernment.moa.util.URLEncoder;
-import com.sun.net.ssl.HttpsURLConnection;
-
-/**
- * @author Sven
- *
- * To change this generated comment edit the template variable "typecomment":
- * Window>Preferences>Java>Templates.
- * To enable and disable the creation of type comments go to
- * Window>Preferences>Java>Code Generation.
- *
- * Aufruf: Requestdatei (==null), ServerURL, Anzahl der Requests pro Sekunde, Anzahl der Wiederholungen
- * z.b. "data/CX0/TestGeneratorCX0.001.Req.xml" "http://127.0.0.1:8080/" 5 100
- *
- * ==> GEÄNDERT: ersten 2 Parameter gekillt... nur noch 5 100
- */
-public class LasttestClient {
-
- protected static final String TESTDATA_ROOT = "data/abnahme-test/";
- protected static final String MOA_AUTH_SERVER = "https://localhost:8443/moa-id-auth/";
- protected AuthenticationServer server;
-
- public int max_thread_count = 300;
- public int thread_counter = 0;
- public int error_count = 0;
- public int turns = 0;
- public long sum = 0;
- public long max = 0;
- public long min = Long.MAX_VALUE;
-
- public static PrintStream Log = null;
-
- public boolean stop = false;
-
- public static final String trustStore = "javax.net.ssl.trustStore";
- public static final String trustStorePassword = "javax.net.ssl.trustStorePassword";
- public static final String handler = "java.protocol.handler.pkgs";
-
- public void startTest(int req_per_second, int turns, int time) throws Exception {
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
-
- System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
- System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore");
- System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
-
- System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, TESTDATA_ROOT + "xmldata/L000/Configuration.xml");
-
- AuthConfigurationProvider.reload();
-
- this.turns = turns;
-
- boolean result = new TestThread(this,0).doRequest(0);// doTestRequest();
- if (result) {
- System.out.println("TestRequest OK. Lasttest wird gestartet.");
- sum=0;
- max=0;
- Dispatcher dp = new Dispatcher(this, req_per_second, turns, time, sum);
- dp.start();
- while (!stop) {
- try {
- Log.println(new String(("Checking Stop Condition ...(Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")")));
- Log.flush();
- }
- catch (Exception e) {}
-
- System.out.println("Checking Stop Condition ...(Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")");
- Thread.sleep(10000);
- }
- System.out.println("Fehler:" + error_count + " (Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")");
- }
- else {
- System.out.println("TestRequest lieferte einen Fehler. Lasttest wird nicht gestartet.");
- }
- }
-
-
- public boolean doTestRequest() throws Exception {
-
- try {
-
- TestThread tt = new TestThread(null,0);
-
- // Anmelden
- String URL = tt.getURL(MOA_AUTH_SERVER, "gb", "http://10.16.126.28:9080/moa-id-proxy/");
- HttpsURLConnection conn = tt.giveConnection(URL, "GET");
-
- conn.connect();
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- String MOASessionID = tt.parseSessionIDFromForm(result);
- conn.disconnect();
-
- URL = tt.parseDataURL(result);
- // Verify Identity Link
- conn = tt.giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
- String infoboxReadResponse = tt.readXmldata("InfoboxReadResponse.xml");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
- out.flush();
- out.close();
- conn.connect();
- String redirectLoc = conn.getHeaderField("Location");
- conn.disconnect();
- //Verify Auth Block
- conn = tt.giveConnection(redirectLoc, "POST");
- String createXMLSignatureResponse = URLEncoder.encode(tt.readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
- out = conn.getOutputStream();
- out.write(("XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
- out.flush();
- out.close();
- conn.connect();
- redirectLoc = conn.getHeaderField("Location");
- String samlArtifact = tt.parseSamlArtifact(redirectLoc);
- System.out.println("SamlArtifact: " + samlArtifact);
-
- conn.disconnect();
-
- conn = null;
-
- SAMLRequestBuilder srb = new SAMLRequestBuilder();
-
- Element erg = tt.doCall(srb.build(MOASessionID, URLDecoder.decode(samlArtifact, "UTF-8")),MOA_AUTH_SERVER);
- result = DOMUtils.serializeNode(erg);
- if (result.indexOf("saml:Assertion")<0)
- {
- System.err.println("Falsche Antwort vom Webservice:\n" + result);
- throw new Exception("Falsche Antwort vom Webservice");
-
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN LASTTEST :" + e.getLocalizedMessage());
- throw e;
- }
-
- return true;
-
- }
-
- public String replaceString(String input, String oldPart, String newPart) throws Exception {
- String erg = null;
-
- //First Part
- erg = input.substring(0, input.indexOf(oldPart));
- //Insert new Part
- erg += newPart;
-
- //insert REST
- erg += input.substring(input.indexOf(oldPart) + oldPart.length(), input.length());
-
- return erg;
- }
-
- public static void main(String[] args) throws Exception {
- Log = new PrintStream(new FileOutputStream("C:/Lasttest.log"));
- int time = 0;
- int sek = 0;
- int turns = 0;
-
- if (args.length != 3) {
- System.out.println("Parameteranzahl falsch. Bitte verwenden Sie die Syntax <Request_pro_Zeiteinheit(Zahl)> <Anzahl_der_Durchläufe(Zahl oder INF)> <Zeit_zwischen_Aufrufen_in_ms(Zahl)>");
- return;
- }
-
- try {
- sek = Integer.parseInt(args[0]);
- time = Integer.parseInt(args[2]);
- if (args[1].equals("INF")) {
- turns = 0;
- }
- else
- turns = Integer.parseInt(args[1]);
- }
- catch (NumberFormatException e) {
- System.out.println("Einer der Parameter (Requestanzahl oder Testanzahl) ist keine Zahl !");
- return;
- }
-
- System.out.println("Starte Lastest mit folgenden Parametern ...");
- System.out.println("ServerURL: " + MOA_AUTH_SERVER);
- double reqPerSek = sek*1000;
- System.out.println("Requests pro Sekunde: " + reqPerSek/time);
- System.out.println("Durchläufe: " + (turns == 0 ? "INF" : turns + ""));
-
- Log.println("Starte Lastest mit folgenden Parametern ...");
- Log.println("ServerURL: " + MOA_AUTH_SERVER);
- Log.println("Requests pro Sekunde: " + reqPerSek / time);
- Log.println("Durchläufe: " + (turns == 0 ? "INF" : turns + ""));
-
-
- try {
- LasttestClient lc = new LasttestClient();
- //lc.startTest("data/CX0/TestGeneratorCX0.001.Req.xml","http://161.106.2.255:8080/",10,1000);
- lc.startTest(sek, turns, time);
- }
- catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
-
diff --git a/id.server/src/test/lasttest/TestThread.java b/id.server/src/test/lasttest/TestThread.java
deleted file mode 100644
index 0d2973c7f..000000000
--- a/id.server/src/test/lasttest/TestThread.java
+++ /dev/null
@@ -1,251 +0,0 @@
-package test.lasttest;
-
-import java.io.OutputStream;
-import java.net.URL;
-import java.util.Vector;
-
-import javax.xml.namespace.QName;
-import javax.xml.rpc.Call;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.ServiceFactory;
-
-import org.apache.axis.message.SOAPBodyElement;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
-import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.StreamUtils;
-import at.gv.egovernment.moa.util.URLDecoder;
-import at.gv.egovernment.moa.util.URLEncoder;
-import com.sun.net.ssl.HttpsURLConnection;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class TestThread extends Thread {
- private LasttestClient parent = null;
- private int turn_no;
- private Dispatcher disp = null;
-
- public TestThread( LasttestClient parent, int durchlauf_nr) {
- turn_no = durchlauf_nr;
- this.parent = parent;
-
- }
-
- protected Element doCall(Element request, String server) throws Exception {
-
- /* QName serviceName = new QName("GetAuthenticationData");
-
- String endPoint = server + "services/GetAuthenticationData";
- Service service = ServiceFactory.newInstance().createService(serviceName);
- Call call = service.createCall();
- SOAPBodyElement body = new SOAPBodyElement(request);
- SOAPBodyElement[] params = new SOAPBodyElement[] { body };
- Vector responses;
- SOAPBodyElement response;
-
-
- System.out.println(DOMUtils.serializeNode(body.getAsDOM()));
- call.setTargetEndpointAddress(endPoint);
- System.out.println("Rufe WS auf: " + endPoint);
- responses = (Vector) call.invoke(params);
- System.out.println("WS aufgerufen.");
- response = (SOAPBodyElement) responses.get(0);
- System.out.println(DOMUtils.serializeNode(response.getAsDOM()));
- return response.getAsDOM();*/
-
- QName serviceName = new QName("GetAuthenticationData");
- String endPoint = server + "services/GetAuthenticationData";
- Service service = ServiceFactory.newInstance().createService(serviceName);
- Call call = service.createCall();
-
- System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
- System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore");
- System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
- SOAPBodyElement body = new SOAPBodyElement(request);
- SOAPBodyElement[] params = new SOAPBodyElement[] { body };
- Vector responses;
- SOAPBodyElement response;
-
- call.setTargetEndpointAddress(endPoint);
- responses = (Vector) call.invoke(params);
- response = (SOAPBodyElement) responses.get(0);
- return response.getAsDOM();
- }
-
- public boolean doRequest(int turnNo) throws Exception {
- long start = System.currentTimeMillis();
-
- try {
- LasttestClient.Log.write(("Starte Durchlauf " + turnNo + "\n").getBytes());
- }
- catch (Exception e) {}
-
- System.out.println("Starte Durchlauf " + turnNo);
- // Anmelden
- String URL = getURL(LasttestClient.MOA_AUTH_SERVER, "gb", "http://10.16.126.28:9080/moa-id-proxy/");
- HttpsURLConnection conn = giveConnection(URL, "GET");
- conn.connect();
- String result = new String(StreamUtils.readStream(conn.getInputStream()));
- /*
- * FOR DEBUG ONLY
- */
- // System.out.println(URL);
- // System.out.println(result);
- //----------------
-
- String MOASessionID = parseSessionIDFromForm(result);
- conn.disconnect();
-
- URL = parseDataURL(result);
- // Verify Identity Link
- conn = giveConnection(URL, "POST");
- conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
- String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
- OutputStream out = conn.getOutputStream();
- out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
- out.flush();
- out.close();
- conn.connect();
-
- /*
- * FOR DEBUG ONLY
- */
- // System.out.println(URL);
- // System.out.println(new String(StreamUtils.readStream(conn.getInputStream())));
- //----------------
-
- String redirectLoc = conn.getHeaderField("Location");
- conn.disconnect();
- //Verify Auth Block
- conn = giveConnection(redirectLoc, "POST");
- String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
- out = conn.getOutputStream();
- out.write(("XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
- out.flush();
- out.close();
- conn.connect();
- redirectLoc = conn.getHeaderField("Location");
-
- /*
- * FOR DEBUG ONLY
- */
- // System.out.println(redirectLoc);
- // System.out.println(new String(StreamUtils.readStream(conn.getInputStream())));
- //----------------
- String samlArtifact = parseSamlArtifact(redirectLoc);
-
- // System.out.println("SamlArtifact: " + samlArtifact);
-
- AxisSecureSocketFactory.initialize(conn.getSSLSocketFactory());
- conn.disconnect();
-
- conn = null;
-
- SAMLRequestBuilder srb = new SAMLRequestBuilder();
-
- doCall(srb.build(MOASessionID, URLDecoder.decode(samlArtifact, "UTF-8")), LasttestClient.MOA_AUTH_SERVER);
- // writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8"));
-
- long end = System.currentTimeMillis();
- long diff = end - start;
- parent.sum +=diff;
- if (parent.max < diff) {
- parent.max = diff;
- }
- if (parent.min > diff) {
- parent.min = diff;
- }
- if (turnNo>0) {
- long totalmem = Runtime.getRuntime().totalMemory();
- long freemem = Runtime.getRuntime().freeMemory();
- try {
- LasttestClient.Log.write(new String("Ende Durchlauf: " + turnNo + " ==> Dauer:" + diff + " Schnitt: " + (parent.sum/turnNo/2) + " Total-Mem: " + totalmem + " Free-Mem: " + freemem + "\n").getBytes());
- LasttestClient.Log.flush();
- }
- catch (Exception e) {}
- System.out.println(new String("Ende Durchlauf: " + turnNo + " ==> Dauer:" + diff + " Schnitt: " + (parent.sum/turnNo/2) + " Total-Mem: " + totalmem + " Free-Mem: " + freemem));
- }
- return true;
-
- }
-
- public String getSubString(String input, String startsWith, String endsWith) {
- return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length()));
- }
-
- public String getURL(String authURL, String target, String oaURL) {
- return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL;
- }
-
- public HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception {
- HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection();
- conn.setRequestMethod(requestMethod);
- conn.setDoInput(true);
- conn.setDoOutput(true);
- conn.setUseCaches(false);
- conn.setAllowUserInteraction(false);
- conn.setHostnameVerifier(new HostnameVerifierHack());
- return conn;
- }
-
- public String killInclusive(String input, String startsWith, String endsWith, String newValue) {
- int start = 0;
- int ende;
- String result;
- result = input;
- do {
- start = result.indexOf(startsWith, start) + startsWith.length();
- ende = result.indexOf(endsWith, start);
- result = result.substring(0, start - startsWith.length()) + newValue + result.substring(ende + endsWith.length(), result.length());
- start++;
- }
- while (result.indexOf(startsWith, ende + 1) > 0);
-
- return result;
- }
-
- public String parseDataURL(String input) {
- return getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\"");
- }
-
- public String parseSamlArtifact(String input) {
-// System.out.println(input);
- return getSubString(input + "@@@", "SAMLArtifact=", "@@@");
- }
-
- public String parseSessionIDFromForm(String htmlForm) {
- String parName = "MOASessionID=";
- int i1 = htmlForm.indexOf(parName) + parName.length();
- int i2 = htmlForm.indexOf("\"", i1);
- return htmlForm.substring(i1, i2);
- }
-
- public String readXmldata(String filename) throws Exception {
-
- return FileUtils.readFile(LasttestClient.TESTDATA_ROOT + "xmldata/L000/" + filename, "UTF-8");
- }
-
- /**
- * @see java.lang.Runnable#run()
- */
- public void run() {
- parent.thread_counter++;
-
- try {
- if (!doRequest(turn_no)) {
- parent.error_count++;
- }
- }
- catch (Exception e) {
- e.printStackTrace();
- parent.error_count++;
- }
- parent.thread_counter--;
- }
-
-}