Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java | 353 |
1 files changed, 203 insertions, 150 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index a72f6c2ea..94651915e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -46,20 +46,26 @@ import java.util.Map; import org.apache.commons.collections4.map.HashedMap; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.MiscUtil; import iaik.x509.X509Certificate; /** - * Session data to be stored between <code>AuthenticationServer</code> API calls. * - * @author Paul Ivancsics - * @version $Id$ + * Serializable implementation of the {@link IAuthenticationSession} interface, which could be stored into a + * AuthenticationSession database + * + * @author Thomas Lenz + * */ -public class AuthenticationSession implements Serializable { +public class AuthenticationSession implements Serializable, IAuthenticationSession { /** * @@ -94,7 +100,7 @@ public class AuthenticationSession implements Serializable { * * Mandate element */ - private MISMandate mandate; + private IMISMandate mandate; /** * Reference value for mandate bussiness service for the assertion 
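Review bot: The `mandate` field is now typed as the interface `IMISMandate` inside a class that implements `Serializable`, and nothing in this diff shows whether that interface extends `java.io.Serializable`. The same applies to `identityLink` and `XMLVerifySignatureResponse` in the next two hunks. If the interfaces do not extend it, an implementation that is not serializable compiles fine and only fails when the session is written to the session store. Either have the three interfaces extend `Serializable`, or state the requirement on the fields, for example `// implementation must be Serializable, this object is persisted`.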
@@ -110,7 +116,7 @@ public class AuthenticationSession implements Serializable { /** * identity link read from smartcard */ - private IdentityLink identityLink; + private IIdentityLink identityLink; /** * authentication block to be signed by the user @@ -151,7 +157,7 @@ public class AuthenticationSession implements Serializable { private String QAALevel = null; - private VerifyXMLSignatureResponse XMLVerifySignatureResponse; + private IVerifiyXMLSignatureResponse XMLVerifySignatureResponse; private boolean isForeigner; 
@@ -170,14 +176,61 @@ public class AuthenticationSession implements Serializable { } + /** + * @param id + * @param now + * @param moaSession + */ + public AuthenticationSession(String id, Date now, IAuthenticationSession moaSession) { + sessionID = id; + sessionCreated = now; + + authBlock = moaSession.getAuthBlock(); + authBlockTokken = moaSession.getAuthBlockTokken(); + authenticated = moaSession.isAuthenticated(); + bkuURL = moaSession.getBkuURL(); + extendedSAMLAttributesAUTH = moaSession.getExtendedSAMLAttributesAUTH(); + extendedSAMLAttributesOA = moaSession.getExtendedSAMLAttributesOA(); + + genericSessionDataStorate = moaSession.getGenericSessionDataStorage(); + + identityLink = moaSession.getIdentityLink(); + isForeigner = moaSession.isForeigner(); + isOW = moaSession.isOW(); + issueInstant = moaSession.getIssueInstant(); + mandate = moaSession.getMISMandate(); + mandateReferenceValue = moaSession.getMandateReferenceValue(); + misSessionID = moaSession.getMISSessionID(); + QAALevel = moaSession.getQAALevel(); + samlAttributeGebeORwbpk = moaSession.getSAMLAttributeGebeORwbpk(); + sessionCreated = moaSession.getSessionCreated(); + signerCertificate = moaSession.getEncodedSignerCertificate(); + useMandates = moaSession.isMandateUsed(); + XMLVerifySignatureResponse = moaSession.getXMLVerifySignatureResponse(); + + //TODO: implement session construction from existing eID information + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated() + */ + @Override public boolean isAuthenticated() { return authenticated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated(boolean) + */ + @Override public void setAuthenticated(boolean authenticated) { this.authenticated = authenticated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSignerCertificate() + */ + @Override public X509Certificate getSignerCertificate() { try { 
return new X509Certificate(signerCertificate); @@ -188,10 +241,18 @@ public class AuthenticationSession implements Serializable { } } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getEncodedSignerCertificate() + */ + @Override public byte[] getEncodedSignerCertificate() { return this.signerCertificate; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSignerCertificate(iaik.x509.X509Certificate) + */ + @Override public void setSignerCertificate(X509Certificate signerCertificate) { try { this.signerCertificate = signerCertificate.getEncoded(); 
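Review bot: In the new copy constructor, `sessionCreated = now;` is overwritten further down by `sessionCreated = moaSession.getSessionCreated();`, so the `now` argument never takes effect. Decide which timestamp the copy should carry and delete the other assignment; if session age is evaluated from this field (not visible in this hunk), inheriting the source session's creation time changes lifetime handling without anyone noticing. The constructor also takes the source's attribute lists, generic data map and encoded certificate array by reference, so both session objects share mutable state. A copy such as `genericSessionDataStorate = new HashedMap<String, Object>(moaSession.getGenericSessionDataStorage());` would isolate them, assuming the source map is never null. The empty `@param` tags are the place to document these semantics.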
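Review bot: The added `@see` comments name `at.gv.egovernment.moa.id.auth.data.IAuthenticationSession`, but the import added by this commit is `at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession`, so the references point at a package that does not hold the interface. The same stale path appears in every `(non-Javadoc)` comment in the previous hunk and in all later hunks. Several also cite old parameter types, e.g. `setIdentityLink(at.gv.egovernment.moa.id.auth.data.IdentityLink)`, although the method now takes `IIdentityLink`. The corrected form here would be `@see at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession#getEncodedSignerCertificate()`.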
@@ -201,174 +262,141 @@ public class AuthenticationSession implements Serializable { } } - /** - * Returns the identityLink. - * - * @return IdentityLink + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink() */ - public IdentityLink getIdentityLink() { + @Override + public IIdentityLink getIdentityLink() { return identityLink; } - /** - * Returns the sessionID. - * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionID() */ + @Override public String getSessionID() { return sessionID; } - /** - * Sets the identityLink. - * - * @param identityLink - * The identityLink to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at.gv.egovernment.moa.id.auth.data.IdentityLink) */ - public void setIdentityLink(IdentityLink identityLink) { + @Override + public void setIdentityLink(IIdentityLink identityLink) { this.identityLink = identityLink; } - /** - * Sets the sessionID. - * - * @param sessionId - * The sessionID to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSessionID(java.lang.String) */ + @Override public void setSessionID(String sessionId) { this.sessionID = sessionId; } - /** - * Returns the BKU URL. - * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getBkuURL() */ + @Override public String getBkuURL() { return bkuURL; } - /** - * Sets the bkuURL - * - * @param bkuURL - * The BKU URL to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setBkuURL(java.lang.String) */ + @Override public void setBkuURL(String bkuURL) { this.bkuURL = bkuURL; } - /** - * Returns the authBlock. 
- * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlock() */ + @Override public String getAuthBlock() { return authBlock; } - /** - * Sets the authBlock. - * - * @param authBlock - * The authBlock to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlock(java.lang.String) */ + @Override public void setAuthBlock(String authBlock) { this.authBlock = authBlock; } - /** - * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. - * - * @return The SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesAUTH() */ + @Override public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesAUTH() { if (extendedSAMLAttributesAUTH == null) extendedSAMLAttributesAUTH = new ArrayList<ExtendedSAMLAttribute>(); return extendedSAMLAttributesAUTH; } - /** - * Sets the SAML Attributes to be appended to the AUTHBlock. - * - * @param extendedSAMLAttributesAUTH - * The SAML Attributes to be appended to the AUTHBlock. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesAUTH(java.util.List) */ + @Override public void setExtendedSAMLAttributesAUTH(List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH) { this.extendedSAMLAttributesAUTH = extendedSAMLAttributesAUTH; } - /** - * Returns the SAML Attributes to be appended to the SAML assertion delivered to the online - * application. Maybe <code>null</code>. 
- * - * @return The SAML Attributes to be appended to the SAML assertion delivered to the online - * application + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesOA() */ + @Override public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesOA() { return extendedSAMLAttributesOA; } - /** - * Sets the SAML Attributes to be appended to the SAML assertion delivered to the online - * application. - * - * @param extendedSAMLAttributesOA - * The SAML Attributes to be appended to the SAML assertion delivered to the online - * application. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesOA(java.util.List) */ + @Override public void setExtendedSAMLAttributesOA(List<ExtendedSAMLAttribute> extendedSAMLAttributesOA) { this.extendedSAMLAttributesOA = extendedSAMLAttributesOA; } - /** - * Returns the boolean value for either a target or a wbPK is provided as SAML Attribute in the - * SAML Assertion or not. - * - * @return true either a target or a wbPK is provided as SAML Attribute in the SAML Assertion or - * false if not. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSAMLAttributeGebeORwbpk() */ + @Override public boolean getSAMLAttributeGebeORwbpk() { return this.samlAttributeGebeORwbpk; } - /** - * Sets the boolean value for either a target or a wbPK is provided as SAML Attribute in the - * SAML Assertion or not. - * - * @param samlAttributeGebeORwbpk - * The boolean for value either a target or wbPK is provided as SAML Attribute in the - * SAML Assertion or not. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSAMLAttributeGebeORwbpk(boolean) */ + @Override public void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk) { this.samlAttributeGebeORwbpk = samlAttributeGebeORwbpk; } - /** - * Returns the issuing time of the AUTH-Block SAML assertion. 
- * - * @return The issuing time of the AUTH-Block SAML assertion. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant() */ + @Override public String getIssueInstant() { return issueInstant; } - /** - * Sets the issuing time of the AUTH-Block SAML assertion. - * - * @param issueInstant - * The issueInstant to set. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(java.lang.String) */ + @Override public void setIssueInstant(String issueInstant) { this.issueInstant = issueInstant; } - /** - * - * @param useMandate - * indicates if mandate is used or not + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandate(java.lang.String) */ + @Override public void setUseMandate(String useMandate) { if (useMandate.compareToIgnoreCase("true") == 0) this.useMandates = true; 
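Review bot: The Javadoc removed from `getExtendedSAMLAttributesOA()` was the only place in this class that told callers the list may be `null`. The method still returns the field unchecked, while `getExtendedSAMLAttributesAUTH()` lazily creates an empty list, so the two getters behave differently with nothing here saying so. Unless the interface Javadoc (not shown) carries the contract, keep a one-line note such as `// may return null, unlike getExtendedSAMLAttributesAUTH()`, or make both getters consistent. The last hunk has the same loss: the removed comment on `setGenericDataToSession` stated that stored objects must implement `java.io.Serializable`.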
@@ -377,141 +405,172 @@ public class AuthenticationSession implements Serializable { } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates(boolean) + */ + @Override public void setUseMandates(boolean useMandates) { this.useMandates = useMandates; } - /** - * @return + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed() */ + @Override public boolean isMandateUsed() { return this.useMandates; } - /** - * - * @param misSessionID - * indicates the MIS session ID + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISSessionID(java.lang.String) */ + @Override public void setMISSessionID(String misSessionID) { this.misSessionID = misSessionID; } - /** - * Returns the MIS session ID - * - * @return + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISSessionID() */ + @Override public String getMISSessionID() { return this.misSessionID; } - /** - * @return the mandateReferenceValue + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMandateReferenceValue() */ + @Override public String getMandateReferenceValue() { return mandateReferenceValue; } - /** - * @param mandateReferenceValue - * the mandateReferenceValue to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMandateReferenceValue(java.lang.String) */ + @Override public void setMandateReferenceValue(String mandateReferenceValue) { this.mandateReferenceValue = mandateReferenceValue; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isForeigner() + */ + @Override public boolean isForeigner() { return isForeigner; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner(boolean) + */ + @Override public void setForeigner(boolean isForeigner) { this.isForeigner = isForeigner; } - public 
VerifyXMLSignatureResponse getXMLVerifySignatureResponse() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getXMLVerifySignatureResponse() + */ + @Override + public IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse() { return XMLVerifySignatureResponse; } - public void setXMLVerifySignatureResponse(VerifyXMLSignatureResponse xMLVerifySignatureResponse) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setXMLVerifySignatureResponse(at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse) + */ + @Override + public void setXMLVerifySignatureResponse(IVerifiyXMLSignatureResponse xMLVerifySignatureResponse) { XMLVerifySignatureResponse = xMLVerifySignatureResponse; } - public MISMandate getMISMandate() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISMandate() + */ + @Override + public IMISMandate getMISMandate() { return mandate; } - public void setMISMandate(MISMandate mandate) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISMandate(at.gv.egovernment.moa.id.data.MISMandate) + */ + @Override + public void setMISMandate(IMISMandate mandate) { this.mandate = mandate; } - /** - * @return the isOW + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isOW() */ + @Override public boolean isOW() { return isOW; } - /** - * @param isOW - * the isOW to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setOW(boolean) */ + @Override public void setOW(boolean isOW) { this.isOW = isOW; } - /** - * @return the authBlockTokken + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlockTokken() */ + @Override public String getAuthBlockTokken() { return authBlockTokken; } - /** - * @param authBlockTokken - * the authBlockTokken to set + /* (non-Javadoc) + * @see 
at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlockTokken(java.lang.String) */ + @Override public void setAuthBlockTokken(String authBlockTokken) { this.authBlockTokken = authBlockTokken; } - /** - * eIDAS QAA level - * - * @return the qAALevel + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getQAALevel() */ + @Override public String getQAALevel() { return QAALevel; } - /** - * set QAA level in eIDAS form - * - * @param qAALevel the qAALevel to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java.lang.String) */ + @Override public void setQAALevel(String qAALevel) { QAALevel = qAALevel; } - /** - * @return the sessionCreated + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated() */ + @Override public Date getSessionCreated() { return sessionCreated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericSessionDataStorage() + */ + @Override public Map<String, Object> getGenericSessionDataStorage() { return genericSessionDataStorate; } - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @return The session-data object or null if no data is found with this key + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String) */ + @Override public Object getGenericDataFromSession(String key) { if (MiscUtil.isNotEmpty(key)) { return genericSessionDataStorate.get(key); 
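Review bot: With `@Override` added, `getGenericSessionDataStorage()` becomes part of the `IAuthenticationSession` contract while still returning the live `genericSessionDataStorate` map. Any holder of the interface can therefore add or remove entries directly, bypassing the key check that `setGenericDataToSession` performs. If no caller needs to mutate the map (callers are not visible here), return a read-only view with `return Collections.unmodifiableMap(genericSessionDataStorate);`. The new copy constructor would then need to copy that view into a fresh map rather than store it. If mutation through the getter is intended, say so in the interface Javadoc.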
@@ -523,13 +582,10 @@ public class AuthenticationSession implements Serializable { } - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @param clazz The class type which is stored with this key - * @return The session-data object or null if no data is found with this key + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String, java.lang.Class) */ + @Override public <T> T getGenericDataFromSession(String key, final Class<T> clazz) { if (MiscUtil.isNotEmpty(key)) { Object data = genericSessionDataStorate.get(key); @@ -555,13 +611,10 @@ public class AuthenticationSession implements Serializable { } - /** - * Store a generic data-object to session with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface - * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setGenericDataToSession(java.lang.String, java.lang.Object) */ + @Override public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { if (MiscUtil.isEmpty(key)) { Logger.warn("Generic session-data can not be stored with a 'null' key"); |