diff options
Diffstat (limited to 'id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java')
-rw-r--r-- | id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java | 243 |
1 files changed, 243 insertions, 0 deletions
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java new file mode 100644 index 000000000..0ca5464a7 --- /dev/null +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java @@ -0,0 +1,243 @@ +package at.gv.egovernment.moa.id.demoOA; + + +import iaik.x509.X509Certificate; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.InputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.util.Properties; +import java.util.Timer; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.httpclient.HttpClient; +import org.opensaml.DefaultBootstrap; +import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; +import org.opensaml.xml.parse.BasicParserPool; +import org.opensaml.xml.security.x509.BasicX509Credential; + +import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException; +import at.gv.egovernment.moa.id.demoOA.utils.MetaDataVerificationFilter; +import at.iaik.commons.util.MiscUtil; + + +public class Configuration { + + private Properties props; + private static final String SYSTEM_PROP_CONFIG = "moa.id.demoOA"; + + private HTTPMetadataProvider idpMetadataProvider = null; + private boolean pvp2logininitialzied = false; + + private String publicURLPreFix = null; + private KeyStore keyStore = null; + + private static Configuration instance = null; + + public static Configuration getInstance() throws ConfigurationException { + if (instance == null) { + instance = new Configuration(); + + } + + return instance; + } + + public String getPublicUrlPreFix(HttpServletRequest request) { + publicURLPreFix = props.getProperty("general.publicURLContext"); + + if (MiscUtil.isEmpty(publicURLPreFix) && request != null) { + String url = request.getRequestURL().toString(); + String contextpath = request.getContextPath(); + int index = url.indexOf(contextpath); + publicURLPreFix = url.substring(0, index + contextpath.length() + 1); + } + + return publicURLPreFix; + } + + public KeyStore getPVP2KeyStore() throws ConfigurationException { + + try { + if (keyStore == null) { + String keystoretype = getPVP2MetadataKeystoreType(); + if (MiscUtil.isEmpty(keystoretype)) { + keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); + + } else { + keyStore = KeyStore.getInstance(keystoretype); + + } + + + String file = getPVP2MetadataKeystoreURL(); + if (MiscUtil.isEmpty(file)) { + throw new ConfigurationException("KeyStoreURL is empty"); + } + + FileInputStream inputStream = new FileInputStream(file); + keyStore.load(inputStream, getPVP2MetadataKeystorePassword().toCharArray()); + inputStream.close(); + } + + return keyStore; + + } catch (Exception e){ + throw new ConfigurationException("KeyStore intialization FAILED", e); + + } + + } + + public String getPVP2LoginEntityName() { + return props.getProperty("general.login.pvp2.OA.metadata.entity.name"); + } + + public String getPVP2MetadataEntitiesName() { + return props.getProperty("general.login.pvp2.OA.metadata.entities.name"); + } + + public String getPVP2MetadataKeystoreURL() { + return props.getProperty("general.login.pvp2.OA.keystore.url"); + } + + public String getPVP2MetadataKeystorePassword() { + return props.getProperty("general.login.pvp2.OA.keystore.password"); + } + + public String getPVP2MetadataKeystoreType() { + return props.getProperty("general.login.pvp2.OA.keystore.type"); + } + + public String getPVP2KeystoreMetadataKeyAlias() { + return props.getProperty("general.login.pvp2.OA.keystore.metadata.sign.key.alias"); + } + + public String getPVP2KeystoreMetadataKeyPassword() { + return props.getProperty("general.login.pvp2.OA.keystore.metadata.sign.key.password"); + } + + public String getPVP2KeystoreAuthRequestKeyAlias() { + return props.getProperty("general.login.pvp2.keystore.authrequest.sign.key.alias"); + } + + public String getPVP2KeystoreAuthRequestKeyPassword() { + return props.getProperty("general.login.pvp2.keystore.authrequest.sign.key.password"); + } + + public String getPVP2KeystoreAuthRequestEncryptionKeyAlias() { + return props.getProperty("general.login.pvp2.keystore.assertion.encryption.key.alias"); + } + + public String getPVP2KeystoreAuthRequestEncryptionKeyPassword() { + return props.getProperty("general.login.pvp2.keystore.assertion.encryption.key.password"); + } + + public String getPVP2IDPMetadataURL() { + return props.getProperty("general.login.pvp2.idp.metadata.url"); + } + + public String getPVP2IDPMetadataCertificate() { + return props.getProperty("general.login.pvp2.idp.metadata.certificate"); + } + + public String getPVP2IDPMetadataEntityName() { + return props.getProperty("general.login.pvp2.idp.metadata.entityID"); + } + + + public void initializePVP2Login() throws ConfigurationException { + if (!pvp2logininitialzied) + initalPVP2Login(); + + } + + public HTTPMetadataProvider getMetaDataProvier() throws ConfigurationException { + + if (!pvp2logininitialzied) + initalPVP2Login(); + + return idpMetadataProvider; + } + + + private Configuration() throws ConfigurationException { + inizialize(); + } + + private void inizialize() throws ConfigurationException { + + String configFileName = System.getProperty(SYSTEM_PROP_CONFIG); + + if (configFileName == null) { + throw new ConfigurationException("No DemoOA configuration found."); + } + + File propertiesFile = new File(configFileName); + FileInputStream fis; + props = new Properties(); + + try { + + fis = new FileInputStream(propertiesFile); + props.load(fis); + + fis.close(); + + DefaultBootstrap.bootstrap(); + + } catch ( FileNotFoundException e) { + throw new ConfigurationException("DemoOA configuration is not found at " + configFileName); + + + } catch (IOException e) { + throw new ConfigurationException("DemoOA configuration can not be read from file " + configFileName); + + } catch (org.opensaml.xml.ConfigurationException e) { + throw new ConfigurationException("OpenSAML library initialization FAILED"); + + } + } + + private void initalPVP2Login() throws ConfigurationException { + try { + + String metadataCert = getPVP2IDPMetadataCertificate(); + if (MiscUtil.isEmpty(metadataCert)) { + throw new ConfigurationException("NO IDP Certificate to verify IDP Metadata"); + } + + InputStream certstream = new FileInputStream(metadataCert); + X509Certificate cert = new X509Certificate(certstream); + BasicX509Credential idpCredential = new BasicX509Credential(); + idpCredential.setEntityCertificate(cert); + + + String metadataurl = getPVP2IDPMetadataURL(); + if (MiscUtil.isEmpty(metadataurl)) { + throw new ConfigurationException("NO IDP Metadata URL."); + } + + idpMetadataProvider = new HTTPMetadataProvider(new Timer(), new HttpClient(), metadataurl); + idpMetadataProvider.setRequireValidMetadata(true); + idpMetadataProvider.setParserPool(new BasicParserPool()); + idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential)); + idpMetadataProvider.setMaxRefreshDelay(1000 * 3600 * 12 ); //refresh Metadata every 12h + idpMetadataProvider.initialize(); + + pvp2logininitialzied = true; + + } catch (Exception e) { + throw new ConfigurationException("PVP2 authentification can not be initialized.", e); + } + } + + +} |