1 files changed, 169 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
new file mode 100644
index 000000000..a82ba501c
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
@@ -0,0 +1,169 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ * 
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ * 
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.id.auth.invoke;
+
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.auth.exception.ServiceException;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
+import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
+import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * Invoker of the <code>SignatureVerification</code> web service of MOA-SPSS.<br>
+ * Either invokes the web service, or calls the corresponding API, depending on configuration data.
+ * 
+ * @author Stefan Knirsch
+ * @version $Id$
+ */
+public class SignatureVerificationInvoker {
+
+	private static SignatureVerificationInvoker instance = null;
+	private SignatureVerificationService svs = null;
+	
+	/** This QName Object identifies the SignatureVerification endpoint of the web service */
+  private static final QName SERVICE_QNAME = new QName("SignatureVerification");
+
+  
+  public static SignatureVerificationInvoker getInstance() {
+	  if (instance == null) {
+		  instance = new SignatureVerificationInvoker();
+		  
+	  }
+	  
+	  return instance;
+  }
+  
+  private SignatureVerificationInvoker() {	  
+    try {
+    	AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
+		ConnectionParameterInterface authConnParam = authConfigProvider.getMoaSpConnectionParameter();
+		
+		if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
+			
+			
+		} else {
+			svs = SignatureVerificationService.getInstance();
+			
+		}
+		
+	} catch (ConfigurationException e) {
+		// TODO Auto-generated catch block
+		e.printStackTrace();
+	}
+	  
+  }
+  
+  /**
+   * Method verifyXMLSignature.
+   * @param request to be sent
+   * @return Element with the answer
+   * @throws ServiceException if an error occurs
+   */
+  public Element verifyXMLSignature(Element request) throws ServiceException {
+    return doCall(SERVICE_QNAME, request);
+  }
+
+  /**
+   * Method doCall.
+   * @param serviceName the name of the service
+   * @param request the request to be sent
+   * @return Element the answer
+   * @throws ServiceException if an error occurs
+   */
+  protected Element doCall(QName serviceName, Element request) throws ServiceException {
+	  ConnectionParameterInterface authConnParam = null;
+    try {      
+      AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
+      authConnParam = authConfigProvider.getMoaSpConnectionParameter();
+      //If the ConnectionParameter do NOT exist, we try to get the api to work....
+      if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
+    	  
+    	  throw new ServiceException("service.00", new Object[]{"MOA-SP connection via Web-Service is not allowed any more!!!!!!"});
+//        Service service = ServiceFactory.newInstance().createService(serviceName);
+//        Call call = service.createCall();
+//        SOAPBodyElement body = new SOAPBodyElement(request);
+//        SOAPBodyElement[] params = new SOAPBodyElement[] { body };
+//        Vector responses;
+//        SOAPBodyElement response;
+//    	  
+//        Logger.debug("Connecting using auth url: " + authConnParam.getUrl() + ", service " + serviceName.getNamespaceURI() + " : " + serviceName.getLocalPart() + " : "+ serviceName.getPrefix());
+//        call.setTargetEndpointAddress(authConnParam.getUrl());
+//        responses = (Vector) call.invoke(serviceName, params);
+//        Logger.debug("Got responses: " + responses.size()); // TODO handle axis 302 response when incorrect service url is used
+//        response = (SOAPBodyElement) responses.get(0);
+//        return response.getAsDOM();
+      }
+      else {
+        VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request);
+		
+        VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
+        Document result = new VerifyXMLSignatureResponseBuilder().build(vsresponse);
+
+        //Logger.setHierarchy("moa.id.auth");
+        return result.getDocumentElement();
+      }
+    }
+    catch (Exception ex) {
+      if (authConnParam != null) {
+	      throw new ServiceException("service.00", new Object[] { ex.toString()}, ex);
+      } else {
+        throw new ServiceException("service.03", new Object[] { ex.toString()}, ex);
+      }
+    }
+  }
+}