diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth')
106 files changed, 5101 insertions, 5943 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index ff2cee559..1348d2a56 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1,31 +1,8 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ package at.gv.egovernment.moa.id.auth; import iaik.asn1.ObjectID; import iaik.pki.PKIException; -import iaik.x509.CertificateFactory; import iaik.x509.X509Certificate; import iaik.x509.X509ExtensionInitException; @@ -39,12 +16,9 @@ import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Calendar; import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Map; -import java.util.Set; import java.util.Vector; import javax.servlet.http.HttpServletRequest; @@ -53,21 +27,18 @@ import javax.servlet.http.HttpSession; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; +import org.apache.commons.lang.StringEscapeUtils; import org.apache.xpath.XPathAPI; import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.xml.util.Base64; import org.opensaml.xml.util.XMLHelper; +import org.springframework.util.xml.DomUtils; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.xml.sax.SAXException; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.MOAIDException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.ServiceException; import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder; @@ -75,9 +46,6 @@ import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder; import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; -import at.gv.egovernment.moa.id.auth.builder.InfoboxValidatorParamsBuilder; -import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; @@ -85,44 +53,45 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.BKUException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.exception.ServiceException; +import at.gv.egovernment.moa.id.auth.exception.ValidateException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.ExtendedInfoboxReadResponseParser; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet; import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor; import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator; -import at.gv.egovernment.moa.id.auth.validator.ValidateException; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; +//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse; +//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient; +//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants; +import at.gv.egovernment.moa.id.client.SZRGWClient; +import at.gv.egovernment.moa.id.client.SZRGWClientException; import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter; -import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters; import at.gv.egovernment.moa.id.config.stork.CPEPS; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.Random; @@ -130,8 +99,6 @@ import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Base64Utils; -import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.DateTimeUtils; @@ -139,6 +106,8 @@ import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; import at.gv.egovernment.moa.util.XPathUtils; +import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest; +import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; import eu.stork.mw.messages.saml.STORKAuthnRequest; import eu.stork.vidp.messages.builder.STORKMessagesBuilder; import eu.stork.vidp.messages.common.STORKConstants; @@ -161,8 +130,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { /** single instance */ private static AuthenticationServer instance; - /** session data store (session ID -> AuthenticationSession) */ - //private static Map sessionStore = new HashMap(); /** * time out in milliseconds used by {@link cleanup} for session store @@ -193,171 +160,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { super(); } -// /** -// * Processes request to select a BKU. <br/> -// * Processing depends on value of -// * {@link AuthConfigurationProvider#getBKUSelectionType}. <br/> -// * For <code>bkuSelectionType==HTMLComplete</code>, a <code>returnURI</code> -// * for the "BKU Auswahl" service is returned. <br/> -// * For <code>bkuSelectionType==HTMLSelect</code>, an HTML form for BKU -// * selection is returned. -// * -// * @param authURL -// * base URL of MOA-ID Auth component -// * @param target -// * "Geschäftsbereich" -// * @param oaURL -// * online application URL requested -// * @param bkuSelectionTemplateURL -// * template for BKU selection form to be used in case of -// * <code>HTMLSelect</code>; may be null -// * @param templateURL -// * URL providing an HTML template for the HTML form to be used -// * for call <code>startAuthentication</code> -// * @return for <code>bkuSelectionType==HTMLComplete</code>, the -// * <code>returnURI</code> for the "BKU Auswahl" service; for -// * <code>bkuSelectionType==HTMLSelect</code>, an HTML form for BKU -// * selection -// * @throws WrongParametersException -// * upon missing parameters -// * @throws AuthenticationException -// * when the configured BKU selection service cannot be reached, -// * and when the given bkuSelectionTemplateURL cannot be reached -// * @throws ConfigurationException -// * on missing configuration data -// * @throws BuildException -// * while building the HTML form -// */ -// public String selectBKU(String authURL, String target, String oaURL, -// String bkuSelectionTemplateURL, String templateURL) -// throws WrongParametersException, AuthenticationException, -// ConfigurationException, BuildException { -// -// // check if HTTP Connection may be allowed (through -// // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) -// String boolStr = AuthConfigurationProvider -// .getInstance() -// .getGenericConfigurationParameter( -// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); -// if ((!authURL.startsWith("https:")) -// && (false == BoolUtils.valueOf(boolStr))) -// throw new AuthenticationException("auth.07", new Object[] { authURL -// + "*" }); -// if (isEmpty(authURL)) -// throw new WrongParametersException("StartAuthentication", -// "AuthURL", "auth.05"); -// if (isEmpty(oaURL)) -// throw new WrongParametersException("StartAuthentication", PARAM_OA, -// "auth.05"); -// -// ConnectionParameter bkuConnParam = AuthConfigurationProvider -// .getInstance().getBKUConnectionParameter(); -// if (bkuConnParam == null) -// throw new ConfigurationException("config.08", -// new Object[] { "BKUSelection/ConnectionParameter" }); -// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() -// .getOnlineApplicationParameter(oaURL); -// if (oaParam == null) -// throw new AuthenticationException("auth.00", new Object[] { oaURL }); -// -// if (!oaParam.getBusinessService()) { -// if (isEmpty(target)) -// throw new WrongParametersException("StartAuthentication", -// PARAM_TARGET, "auth.05"); -// } else { -// if (!isEmpty(target)) { -// Logger -// .info("Ignoring target parameter thus application type is \"businessService\""); -// } -// target = null; -// } -// -// AuthenticationSession session = newSession(); -// Logger.info("MOASession " + session.getSessionID() + " angelegt"); -// session.setTarget(target); -// session.setOAURLRequested(oaURL); -// session.setPublicOAURLPrefix(oaParam.getPublicURLPrefix()); -// session.setAuthURL(authURL); -// session.setTemplateURL(templateURL); -// session.setBusinessService(oaParam.getBusinessService()); -// -// try { -// AuthenticationSessionStoreage.storeSession(session); -// -// } catch (MOADatabaseException e) { -// throw new AuthenticationException("", null); -// } -// -// String returnURL = new DataURLBuilder().buildDataURL(authURL, -// REQ_START_AUTHENTICATION, session.getSessionID()); -// String bkuSelectionType = AuthConfigurationProvider.getInstance() -// .getBKUSelectionType(); -// if (bkuSelectionType -// .equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) { -// // bkuSelectionType==HTMLComplete -// String redirectURL = bkuConnParam.getUrl() + "?" -// + AuthServlet.PARAM_RETURN + "=" + returnURL; -// return redirectURL; -// } else { -// // bkuSelectionType==HTMLSelect -// String bkuSelectTag; -// try { -// bkuSelectTag = readBKUSelectTag(AuthConfigurationProvider -// .getInstance(), bkuConnParam); -// } catch (Throwable ex) { -// throw new AuthenticationException("auth.11", new Object[] { -// bkuConnParam.getUrl(), ex.toString() }, ex); -// } -// String bkuSelectionTemplate = null; -// -// //removed in MOAID 2.0 -// // override template url by url from configuration file -//// if (oaParam.getBkuSelectionTemplateURL() != null) { -//// bkuSelectionTemplateURL = oaParam.getBkuSelectionTemplateURL(); -//// } -// -//// if (bkuSelectionTemplateURL != null) { -//// try { -//// bkuSelectionTemplate = new String(FileUtils -//// .readURL(bkuSelectionTemplateURL)); -//// } catch (IOException ex) { -//// throw new AuthenticationException("auth.03", new Object[] { -//// bkuSelectionTemplateURL, ex.toString() }, ex); -//// } -//// } -// -// String htmlForm = new SelectBKUFormBuilder().build( -// bkuSelectionTemplate, returnURL, bkuSelectTag); -// return htmlForm; -// } -// } - - /** - * Method readBKUSelectTag. - * - * @param conf - * the ConfigurationProvider - * @param connParam - * the ConnectionParameter for that connection - * @return String - * @throws ConfigurationException - * on config-errors - * @throws PKIException - * on PKI errors - * @throws IOException - * on any data error - * @throws GeneralSecurityException - * on security errors - */ - private String readBKUSelectTag(ConfigurationProvider conf, - ConnectionParameter connParam) throws ConfigurationException, - PKIException, IOException, GeneralSecurityException { - - if (connParam.isHTTPSURL()) - return SSLUtils.readHttpsURL(conf, connParam); - else - return HTTPUtils.readHttpURL(connParam.getUrl()); - } /** * Processes the beginning of an authentication session. @@ -394,7 +196,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @param templateMandteURL * URL providing an HTML template for the HTML form generated * (for signing in mandates mode) - * @param scheme + * @param req * determines the protocol used * @param sourceID * @return HTML form @@ -402,7 +204,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @see GetIdentityLinkFormBuilder * @see InfoboxReadRequestBuilder */ - public String startAuthentication(AuthenticationSession session, String scheme) throws WrongParametersException, + public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException { if (session == null) { @@ -440,12 +242,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { //build ReadInfobox request infoboxReadRequest = new InfoboxReadRequestBuilder().build( - oaParam.isSlVersion12(), isbuisness, domainIdentifier); + isbuisness, domainIdentifier); } else { //build ReadInfobox request infoboxReadRequest = new InfoboxReadRequestBuilder().build( - oaParam.isSlVersion12(), oaParam.getBusinessService(), oaParam + oaParam.getBusinessService(), oaParam .getIdentityLinkDomainIdentifier()); } @@ -456,6 +258,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { //removed in MOAID 2.0 String pushInfobox = ""; + // VerifyInfoboxParameters verifyInfoboxParameters = oaParam // .getVerifyInfoboxParameters(); // if (verifyInfoboxParameters != null) { @@ -465,14 +268,20 @@ public class AuthenticationServer implements MOAIDAuthConstants { //build CertInfo request String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder() - .build(oaParam.isSlVersion12()); + .build(); String certInfoDataURL = new DataURLBuilder() .buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION, session.getSessionID()); + //get Applet Parameters + String appletwidth = req.getParameter(PARAM_APPLET_WIDTH); + String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH); + appletheigth = StringEscapeUtils.escapeHtml(appletheigth); + appletwidth = StringEscapeUtils.escapeHtml(appletwidth); + String htmlForm = new GetIdentityLinkFormBuilder().build(template, session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest, - certInfoDataURL, pushInfobox); + certInfoDataURL, pushInfobox, oaParam, appletheigth, appletwidth); return htmlForm; } @@ -501,11 +310,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { * including the <code><InfoboxReadResponse></code> * @return String representation of the * <code><CreateXMLSignatureRequest></code> + * @throws BKUException */ public String verifyIdentityLink(AuthenticationSession session, - Map infoboxReadResponseParameters) throws AuthenticationException, + Map<String, String> infoboxReadResponseParameters) throws AuthenticationException, BuildException, ParseException, ConfigurationException, - ValidateException, ServiceException { + ValidateException, ServiceException, BKUException { if (session == null) throw new AuthenticationException("auth.10", new Object[] { @@ -514,18 +324,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { String xmlInfoboxReadResponse = (String) infoboxReadResponseParameters .get(PARAM_XMLRESPONSE); - // System.out.println("PB: " + xmlInfoboxReadResponse); - if (isEmpty(xmlInfoboxReadResponse)) throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE }); - -// AuthenticationSession session = getSession(sessionID); -// if (session.getTimestampIdentityLink() != null) -// throw new AuthenticationException("auth.01", -// new Object[] { sessionID }); - session.setTimestampIdentityLink(); AuthConfigurationProvider authConf = AuthConfigurationProvider .getInstance(); @@ -551,24 +353,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { return null; } - // for testing new identity link certificate - // xmlInfoboxReadResponse = null; - // try { - // File file = new File("c:/temp/XXXMuster.xml"); - // FileInputStream fis; - // - // fis = new FileInputStream(file); - // byte[] array = Utils.readFromInputStream(fis); - // - // xmlInfoboxReadResponse = new String(array); - // System.out.println(xmlInfoboxReadResponse); - // - // } catch (FileNotFoundException e) { - // e.printStackTrace(); - // } catch (UtilsException e) { - // e.printStackTrace(); - // } - // parses the <InfoboxReadResponse> IdentityLink identityLink = new InfoboxReadResponseParser( xmlInfoboxReadResponse).parseIdentityLink(); @@ -586,10 +370,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); - if (identityLink.getIdentificationType().equalsIgnoreCase( - Constants.URN_PREFIX_BASEID)) { - } - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); @@ -608,13 +388,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setIdentityLink(identityLink); // now validate the extended infoboxes - //TODO: check correctness -// verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam -// .getProvideStammzahl()); - verifyInfoboxes(session, infoboxReadResponseParameters, false); + //Removed in MOA-ID 2.0 + //verifyInfoboxes(session, infoboxReadResponseParameters, false); - - //TODO: make it better!! return "found!"; } @@ -706,7 +482,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[] { GET_MIS_SESSIONID, PARAM_SESSIONID }); - //AuthenticationSession session = getSession(sessionID); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); @@ -760,26 +535,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { .getOnlineApplicationParameter( session.getPublicOAURLPrefix()); - //TODO: CHECK!! is moved to buildAuthenticationBlock to hold the baseID in identitylink - // if (!fromMandate) { - // BZ.., calculate bPK for signing to be already present in AuthBlock -// IdentityLink identityLink = session.getIdentityLink(); -// if (identityLink.getIdentificationType().equals( -// Constants.URN_PREFIX_BASEID)) { -// // only compute bPK if online application is a public service and we -// // have the Stammzahl -// String bpkBase64 = new BPKBuilder().buildBPK(identityLink -// .getIdentificationValue(), session.getTarget()); -// identityLink.setIdentificationValue(bpkBase64); -// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget()); -// } - // ..BZ - // } - // builds the AUTH-block - String authBlock = buildAuthenticationBlock(session, oaParam); + String authBlock = buildAuthenticationBlock(session, oaParam); - // session.setAuthBlock(authBlock); // builds the <CreateXMLSignatureRequest> List<String> transformsInfos = oaParam.getTransformsInfos(); if ((transformsInfos == null) || (transformsInfos.size() == 0)) { @@ -788,81 +546,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { } String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() .build(authBlock, oaParam.getKeyBoxIdentifier(), - transformsInfos, oaParam.isSlVersion12()); + transformsInfos); return createXMLSignatureRequest; } -// /** -// * -// * @param session -// * @param authConf -// * @param oaParam -// * @return -// * @throws ConfigurationException -// * @throws BuildException -// * @throws ValidateException -// */ -// public String getCreateXMLSignatureRequestAuthBlockOrRedirectForOW( -// AuthenticationSession session, AuthConfigurationProvider authConf, -// OAAuthParameter oaParam, boolean isOW) throws ConfigurationException, -// BuildException, ValidateException { -// -// // check for intermediate processing of the infoboxes -// if (session.isValidatorInputPending()) -// return "Redirect to Input Processor"; -// -// if (authConf == null) -// authConf = AuthConfigurationProvider.getInstance(); -// if (oaParam == null) -// oaParam = AuthConfigurationProvider.getInstance() -// .getOnlineApplicationParameter( -// session.getPublicOAURLPrefix()); -// -// // BZ.., calculate bPK for signing to be already present in AuthBlock -// IdentityLink identityLink = session.getIdentityLink(); -// if (identityLink.getIdentificationType().equals( -// Constants.URN_PREFIX_BASEID)) { -// -// // only compute bPK if online application is a public service and we -// // have the Stammzahl -//// if (isOW) { -//// // if person is OW, delete identification value (bPK is calculated via MIS) -//// identityLink.setIdentificationValue(null); -//// identityLink.setIdentificationType(null); -//// } -//// else { -// -// //TODO: check correctness!!! bpk calcultion is done during Assertion generation -//// String bpkBase64 = new BPKBuilder().buildBPK(identityLink -//// .getIdentificationValue(), session.getTarget()); -//// identityLink.setIdentificationValue(bpkBase64); -//// -//// //TODO: insert correct Type!!!! -//// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget()); -//// } -// -// } -// // ..BZ -// // } -// -// // builds the AUTH-block -// String authBlock = buildAuthenticationBlockForOW(session, oaParam, isOW); -// -// // session.setAuthBlock(authBlock); -// // builds the <CreateXMLSignatureRequest> -// List<String> transformsInfos = oaParam.getTransformsInfos(); -// if ((transformsInfos == null) || (transformsInfos.size() == 0)) { -// // no OA specific transforms specified, use default ones -// transformsInfos = authConf.getTransformsInfos(); -// } -// String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() -// .build(authBlock, oaParam.getKeyBoxIdentifier(), -// transformsInfos, oaParam.isSlVersion12()); -// -// System.out.println("XML: " + createXMLSignatureRequest); -// -// return createXMLSignatureRequest; -// } /** * Returns an CreateXMLSignatureRequest for signing the ERnP statement.<br> * <ul> @@ -885,15 +572,11 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID }); -// AuthenticationSession session = getSession(sessionID); - AuthConfigurationProvider authConf = AuthConfigurationProvider .getInstance(); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - //session.setSignerCertificate(cert); return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam, cert); @@ -938,11 +621,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @param createXMLSignatureResponseParameters * The parameters from the response returned from the BKU * including the <code><CreateXMLSignatureResponse></code> + * @throws BKUException */ public X509Certificate verifyXMLSignature(String sessionID, - Map createXMLSignatureResponseParameters) + Map<String, String> createXMLSignatureResponseParameters) throws AuthenticationException, BuildException, ParseException, - ConfigurationException, ValidateException, ServiceException { + ConfigurationException, ValidateException, ServiceException, BKUException { if (isEmpty(sessionID)) throw new AuthenticationException("auth.10", new Object[] { @@ -955,12 +639,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[] { REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE }); - //AuthenticationSession session = getSession(sessionID); - /* - * if (session.getTimestampIdentityLink() != null) throw new - * AuthenticationException("auth.01", new Object[] { sessionID }); - */ - // session.setTimestampIdentityLink(); AuthConfigurationProvider authConf = AuthConfigurationProvider .getInstance(); @@ -983,8 +661,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); - // int code = verifyXMLSignatureResponse.getSignatureCheckCode(); - return verifyXMLSignatureResponse.getX509certificate(); } @@ -1005,11 +681,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @param readInfoboxResponseParameters * The parameters from the response returned from the BKU * including the <code><ReadInfoboxResponse></code> + * @throws BKUException */ public X509Certificate getCertificate(String sessionID, - Map readInfoboxResponseParameters) throws AuthenticationException, + Map<String, String> readInfoboxResponseParameters) throws AuthenticationException, BuildException, ParseException, ConfigurationException, - ValidateException, ServiceException { + ValidateException, ServiceException, BKUException { if (isEmpty(sessionID)) throw new AuthenticationException("auth.10", new Object[] { @@ -1054,40 +731,40 @@ public class AuthenticationServer implements MOAIDAuthConstants { String identificationValue = null; String identificationType = null; - if (identityLink.getIdentificationType().equals( - Constants.URN_PREFIX_BASEID)) { - // only compute bPK if online application is a public service and we - // have the Stammzahl + //set empty AuthBlock BPK in case of OW or SSO or bpk is not requested + if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) { + identificationType = ""; + identificationValue = ""; + } else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { + + if (oaParam.getBusinessService()) { - if (session.isSsoRequested()) { - identificationType = ""; - identificationValue = ""; + String bpkBase64 = new BPKBuilder().buildWBPK(identityLink + .getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier()); + identificationValue = bpkBase64; + + if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+" )) + identificationType = oaParam.getIdentityLinkDomainIdentifier(); + else + identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier(); } else { String bpkBase64 = new BPKBuilder().buildBPK(identityLink - .getIdentificationValue(), session.getTarget()); + .getIdentificationValue(), session.getTarget()); identificationValue = bpkBase64; identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget(); } -// identityLink.setIdentificationValue(bpkBase64); -// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget()); - + } else { identificationValue = identityLink.getIdentificationValue(); identificationType = identityLink.getIdentificationType(); } - - //set empty AuthBlock BPK in case of OW - if (session.isOW()) { - identificationType = ""; - identificationValue = ""; - } - - String issueInstant = DateTimeUtils.buildDateTime(Calendar - .getInstance(), oaParam.getUseUTC()); + + String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar + .getInstance()); session.setIssueInstant(issueInstant); String authURL = session.getAuthURL(); String target = session.getTarget(); @@ -1097,7 +774,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105) // String oaURL = session.getPublicOAURLPrefix(); - List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); + List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); if (session.isSsoRequested()) { @@ -1125,310 +802,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { identificationType, oaURL, gebDat, extendedSAMLAttributes, session, oaParam); return authBlock; - } - - - - - + } } - -// /** -// * Builds an authentication block <code><saml:Assertion></code> from -// * given session data. -// * -// * @param session -// * authentication session -// * -// * @return <code><saml:Assertion></code> as a String -// * -// * @throws BuildException -// * If an error occurs on serializing an extended SAML attribute -// * to be appended to the AUTH-Block. -// */ -// private String buildAuthenticationBlockForOW(AuthenticationSession session, -// OAAuthParameter oaParam, boolean isOW) throws BuildException { -// IdentityLink identityLink = session.getIdentityLink(); -// String issuer = identityLink.getName(); -// String gebDat = identityLink.getDateOfBirth(); -// String identificationValue = identityLink.getIdentificationValue(); -// String identificationType = identityLink.getIdentificationType(); -// -// String issueInstant = DateTimeUtils.buildDateTime(Calendar -// .getInstance(), oaParam.getUseUTC()); -// session.setIssueInstant(issueInstant); -// String authURL = session.getAuthURL(); -// String target = session.getTarget(); -// String targetFriendlyName = session.getTargetFriendlyName(); -// // Bug #485 -// // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105) -// // String oaURL = session.getPublicOAURLPrefix(); -// String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&"); -// -// -// List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); -// Iterator it = extendedSAMLAttributes.iterator(); -// // delete bPK attribute from extended SAML attributes -// if (session.isOW()) { -// ExtendedSAMLAttribute toDelete = null; -// while (it.hasNext()) { -// ExtendedSAMLAttribute attr = (ExtendedSAMLAttribute)it.next(); -// if (attr.getName().equalsIgnoreCase("bPK")) -// toDelete = attr; -// } -// if (toDelete != null) -// extendedSAMLAttributes.remove(toDelete); -// } -// -// String authBlock = new AuthenticationBlockAssertionBuilder() -// .buildAuthBlock(issuer, issueInstant, authURL, target, -// targetFriendlyName, identificationValue, -// identificationType, oaURL, gebDat, -// extendedSAMLAttributes, session, oaParam); -// -// return authBlock; -// } - /** - * Verifies the infoboxes (except of the identity link infobox) returned by - * the BKU by calling appropriate validator classes. - * - * @param session - * The actual authentication session. - * @param infoboxReadResponseParams - * The parameters returned from the BKU as response to an infobox - * read request (including the infobox tokens to be verified). - * @param hideStammzahl - * Indicates whether source pins (<code>Stammzahl</code>en) - * should be hidden in any SAML attribute that may be returned by - * a validator. - * - * @throws AuthenticationException - * If the verification of at least one infobox fails. - * @throws ConfigurationException - * If the OAuthParameter cannot be extracted. - */ - private void verifyInfoboxes(AuthenticationSession session, - Map infoboxReadResponseParams, boolean hideStammzahl) - throws ValidateException, ConfigurationException { - - AuthConfigurationProvider authConfigurationProvider = AuthConfigurationProvider - .getInstance(); - // get the default VerifyInfobox parameters - Map defaultInfoboxParameters = null; - - //removed in MOA-ID 2.0 -// VerifyInfoboxParameters defaultVerifyInfoboxParameters = authConfigurationProvider -// .getDefaultVerifyInfoboxParameters(); -// if (defaultVerifyInfoboxParameters != null) { -// defaultInfoboxParameters = defaultVerifyInfoboxParameters -// .getInfoboxParameters(); -// } - - // get the OA specific VerifyInfobox parameters - Map infoboxParameters = null; - OAAuthParameter oaParam = authConfigurationProvider - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - //TODO: check correctness!!!! - //removed in MOAID 2.0 -// VerifyInfoboxParameters verifyInfoboxParameters = oaParam -// .getVerifyInfoboxParameters(); -// VerifyInfoboxParameters verifyInfoboxParameters = null; - - session.setExtendedSAMLAttributesAUTH(new Vector()); // Initialize SAML - // Attributes - session.setExtendedSAMLAttributesOA(new Vector()); - // System.out.println("SAML set: " + - // session.getExtendedSAMLAttributesAUTH().size()); - -// if (verifyInfoboxParameters != null) { -// -// infoboxParameters = verifyInfoboxParameters.getInfoboxParameters(); -// // get the list of infobox identifiers -// List identifiers = verifyInfoboxParameters.getIdentifiers(); -// if (identifiers != null) { -// // step through the identifiers and verify the infoboxes -// Iterator it = identifiers.iterator(); -// while (it.hasNext()) { -// String identifier = (String) it.next(); -// // get the infobox read response from the map of parameters -// String infoboxReadResponse = (String) infoboxReadResponseParams -// .get(identifier); -// // get the configuration parameters -// VerifyInfoboxParameter verifyInfoboxParameter = null; -// Object object = infoboxParameters.get(identifier); -// // if not present, use default -// if ((object == null) && (defaultInfoboxParameters != null)) { -// object = defaultInfoboxParameters.get(identifier); -// } -// if (object != null) { -// verifyInfoboxParameter = (VerifyInfoboxParameter) object; -// } -// if (infoboxReadResponse != null) { -// if (verifyInfoboxParameter == null) { -// // should not happen because of the pushinfobox -// // mechanism; check it anyway -// Logger.error("No validator for verifying \"" -// + identifier + "\"-infobox configured."); -// throw new ValidateException("validator.41", -// new Object[] { identifier }); -// } else { -// String friendlyName = verifyInfoboxParameter -// .getFriendlyName(); -// boolean isParepRequest = false; -// -// // parse the infobox read reponse -// List infoboxTokenList = null; -// try { -// infoboxTokenList = ExtendedInfoboxReadResponseParser -// .parseInfoboxReadResponse( -// infoboxReadResponse, -// friendlyName); -// } catch (ParseException e) { -// Logger -// .error("InfoboxReadResponse for \"" -// + identifier -// + "\"-infobox could not be parsed successfully: " -// + e.getMessage()); -// throw new ValidateException("validator.43", -// new Object[] { friendlyName }); -// } -// // set compatibility mode for mandates infobox and -// // all infoboxes (it is possible to be a parep -// // infobox) -// // session.setMandateCompatibilityMode(ParepConfiguration.isMandateCompatibilityMode(verifyInfoboxParameter.getApplicationSpecificParams())); -// // check for party representation in mandates -// // infobox -// if (Constants.INFOBOXIDENTIFIER_MANDATES -// .equalsIgnoreCase(identifier) -// && !((infoboxTokenList == null || infoboxTokenList -// .size() == 0))) { -// // We need app specific parameters -// if (null == verifyInfoboxParameter -// .getApplicationSpecificParams()) { -// throw new ValidateException("validator.66", -// new Object[] { friendlyName }); -// } -// Element mandate = ParepValidator -// .extractPrimaryToken(infoboxTokenList); -// // ParepUtils.serializeElement(mandate, -// // System.out); -// String mandateID = ParepUtils -// .extractRepresentativeID(mandate); -// if (!isEmpty(mandateID) -// && ("*".equals(mandateID) || mandateID -// .startsWith(MOAIDAuthConstants.PARTY_REPRESENTATION_OID_NUMBER))) { -// isParepRequest = true; -// } -// if (!isParepRequest) { -// // if mandates validator is disabled we must -// // throw an error in this case -// if (!ParepUtils -// .isValidatorEnabled(verifyInfoboxParameter -// .getApplicationSpecificParams())) { -// throw new ValidateException( -// "validator.60", -// new Object[] { friendlyName }); -// } -// } -// } -// -// // get the class for validating the infobox -// InfoboxValidator infoboxValidator = null; -// try { -// Class validatorClass = null; -// if (isParepRequest) { -// // Mandates infobox in party representation -// // mode -// validatorClass = Class -// .forName("at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator"); -// } else { -// validatorClass = Class -// .forName(verifyInfoboxParameter -// .getValidatorClassName()); -// } -// infoboxValidator = (InfoboxValidator) validatorClass -// .newInstance(); -// } catch (Exception e) { -// Logger -// .error("Could not load validator class \"" -// + verifyInfoboxParameter -// .getValidatorClassName() -// + "\" for \"" -// + identifier -// + "\"-infobox: " -// + e.getMessage()); -// throw new ValidateException("validator.42", -// new Object[] { friendlyName }); -// } -// Logger -// .debug("Successfully loaded validator class \"" -// + verifyInfoboxParameter -// .getValidatorClassName() -// + "\" for \"" -// + identifier -// + "\"-infobox."); -// // build the parameters for validating the infobox -// InfoboxValidatorParams infoboxValidatorParams = InfoboxValidatorParamsBuilder -// .buildInfoboxValidatorParams(session, -// verifyInfoboxParameter, -// infoboxTokenList, oaParam); -// -// // now validate the infobox -// InfoboxValidationResult infoboxValidationResult = null; -// try { -// infoboxValidationResult = infoboxValidator -// .validate(infoboxValidatorParams); -// } catch (ValidateException e) { -// Logger.error("Error validating " + identifier -// + " infobox:" + e.getMessage()); -// throw new ValidateException("validator.44", -// new Object[] { friendlyName }); -// } -// if (!infoboxValidationResult.isValid()) { -// Logger.info("Validation of " + identifier -// + " infobox failed."); -// throw new ValidateException("validator.40", -// new Object[] { -// friendlyName, -// infoboxValidationResult -// .getErrorMessage() }); -// } -// -// Logger.info(identifier -// + " infobox successfully validated."); -// // store the validator for post processing -// session.addInfoboxValidator(identifier, -// friendlyName, infoboxValidator); -// -// // get the SAML attributes to be appended to the -// // AUTHBlock or to the final -// // SAML Assertion -// AddAdditionalSAMLAttributes(session, -// infoboxValidationResult -// .getExtendedSamlAttributes(), -// identifier, friendlyName); -// } -// } else { -// if ((verifyInfoboxParameter != null) -// && (verifyInfoboxParameter.isRequired())) { -// Logger -// .info("Infobox \"" -// + identifier -// + "\" is required, but not returned from the BKU"); -// throw new ValidateException("validator.48", -// new Object[] { verifyInfoboxParameter -// .getFriendlyName() }); -// } -// Logger.debug("Infobox \"" + identifier -// + "\" not returned from BKU."); -// } -// } -// } -// } - } /** * Verifies the infoboxes (except of the identity link infobox) returned by @@ -1459,7 +836,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { for (int i = 0; i < length; i++) { ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i]; - Object value = verifySAMLAttribute(samlAttribute, i, "MISService", + verifySAMLAttribute(samlAttribute, i, "MISService", "MISService"); } @@ -1494,57 +871,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { } -// /** -// * Intermediate processing of the infoboxes. The first pending infobox -// * validator may validate the provided input -// * -// * @param session -// * The current authentication session -// * @param parameters -// * The parameters got returned by the user input fields -// */ -// public static void processInput(AuthenticationSession session, -// Map parameters) throws ValidateException { -// -// // post processing of the infoboxes -// Iterator iter = session.getInfoboxValidatorIterator(); -// if (iter != null) { -// while (iter.hasNext()) { -// Vector infoboxValidatorVector = (Vector) iter.next(); -// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector -// .get(2); -// if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) { -// String identifier = (String) infoboxValidatorVector.get(0); -// String friendlyName = (String) infoboxValidatorVector -// .get(1); -// InfoboxValidationResult infoboxValidationResult = null; -// try { -// infoboxValidationResult = infoboxvalidator -// .validate(parameters); -// } catch (ValidateException e) { -// Logger.error("Error validating " + identifier -// + " infobox:" + e.getMessage()); -// throw new ValidateException("validator.44", -// new Object[] { friendlyName }); -// } -// if (!infoboxValidationResult.isValid()) { -// Logger.info("Validation of " + identifier -// + " infobox failed."); -// throw new ValidateException("validator.40", -// new Object[] { -// friendlyName, -// infoboxValidationResult -// .getErrorMessage() }); -// } -// AddAdditionalSAMLAttributes( -// session, -// infoboxValidationResult.getExtendedSamlAttributes(), -// identifier, friendlyName); -// } -// } -// } -// } - /** * Adds given SAML Attributes to the current session. They will be appended * to the final SAML Assertion or the AUTH block. If the attributes are @@ -1565,12 +891,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { String friendlyName) throws ValidateException { if (extendedSAMLAttributes == null) return; - List oaAttributes = session.getExtendedSAMLAttributesOA(); + List<ExtendedSAMLAttribute> oaAttributes = session.getExtendedSAMLAttributesOA(); if (oaAttributes == null) - oaAttributes = new Vector(); - List authAttributes = session.getExtendedSAMLAttributesAUTH(); + oaAttributes = new Vector<ExtendedSAMLAttribute>(); + List<ExtendedSAMLAttribute> authAttributes = session.getExtendedSAMLAttributesAUTH(); if (authAttributes == null) - authAttributes = new Vector(); + authAttributes = new Vector<ExtendedSAMLAttribute>(); int length = extendedSAMLAttributes.length; for (int i = 0; i < length; i++) { ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i]; @@ -1616,33 +942,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setExtendedSAMLAttributesOA(oaAttributes); } - // /** - // * Adds given SAML Attributes to the current session. They will be - // appended - // * to the final SAML Assertion or the AUTH block. If the attributes are - // * already in the list, they will be replaced. - // * - // * @param session The current session - // * @param extendedSAMLAttributes The SAML attributes to add - // * @param identifier The infobox identifier for debug purposes - // * @param friendlyNam The friendly name of the infobox for debug purposes - // */ - // private static void AddAdditionalSAMLAttributes(AuthenticationSession - // session, MISMandate mandate) throws ValidateException - // { - // - // List oaAttributes = session.getExtendedSAMLAttributesOA(); - // if (oaAttributes==null) oaAttributes = new Vector(); - // List authAttributes = session.getExtendedSAMLAttributesAUTH(); - // if (authAttributes==null) authAttributes = new Vector(); - // - // - // addExtendedSamlAttributes(authAttributes, mandate); - // - // session.setExtendedSAMLAttributesAUTH(authAttributes); - // session.setExtendedSAMLAttributesOA(oaAttributes); - // } - /** * Adds the AUTH block related SAML attributes to the validation result. * This is needed always before the AUTH block is to be signed, because the @@ -1658,15 +957,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { MISMandate mandate, boolean business, boolean provideStammzahl) throws SAXException, IOException, ParserConfigurationException, TransformerException { - Vector extendedSamlAttributes = new Vector(); + Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>(); extendedSamlAttributes.clear(); - // extendedSamlAttributes.add(new - // ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_RAW, - // mandate, SZRGWConstants.MANDATE_NS, - // ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); - // Name Element domMandate = mandateToElement(mandate); Element nameSpaceNode = domMandate.getOwnerDocument().createElement( @@ -1679,27 +973,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { Element mandator = (Element) XPathAPI.selectSingleNode(domMandate, "//md:Mandate/md:Mandator", nameSpaceNode); - // first check if physical person - // Element name = (Element) XPathAPI.selectSingleNode(mandator, - // "descendant-or-self::pr:Name/pr:GivenName", nameSpaceNode); - // String mandatorname = ParepUtils.extractMandatorName(mandator); - - // extendedSamlAttributes.add(new - // ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_NAME, - // mandatorname, SZRGWConstants.MANDATE_NS, - // ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - // Geburtsdatum - // String dob = ParepUtils.extractMandatorDateOfBirth(mandator); - // if (dob != null && !"".equals(dob)) { - // extendedSamlAttributes.add(new - // ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_DOB, dob, - // SZRGWConstants.MANDATE_NS, - // ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - // } - // Mandate extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_RAW, domMandate, + EXT_SAML_MANDATE_RAW, domMandate, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); @@ -1712,28 +988,19 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (!ParepUtils.isEmpty(idType) && idType.startsWith(Constants.URN_PREFIX_BASEID)) { extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_CB_BASE_ID, + EXT_SAML_MANDATE_CB_BASE_ID, ParepUtils.getRegisterString(idType) + ": " + wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); } } else if (business) { extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_WBPK, wbpk, + EXT_SAML_MANDATE_WBPK, wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); } } - // String oid = mandate.getProfRep(); - // if (oid != null) { - // String oidDescription = mandate.getTextualDescriptionOfOID(); - // extendedSamlAttributes.add(new - // ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, - // oidDescription, SZRGWConstants.MANDATE_NS, - // ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - // } - ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes .size()]; extendedSamlAttributes.copyInto(ret); @@ -1756,14 +1023,14 @@ public class AuthenticationServer implements MOAIDAuthConstants { MISMandate mandate, boolean business) throws SAXException, IOException, ParserConfigurationException, TransformerException { - Vector extendedSamlAttributes = new Vector(); + Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>(); extendedSamlAttributes.clear(); // RepresentationType extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTYPE, - ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTEXT, + EXT_SAML_MANDATE_REPRESENTATIONTYPE, + EXT_SAML_MANDATE_REPRESENTATIONTEXT, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); @@ -1771,12 +1038,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (oid != null) { extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_OID, oid, + EXT_SAML_MANDATE_OID, oid, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); String oidDescription = mandate.getTextualDescriptionOfOID(); extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, + EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, oidDescription, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); @@ -1806,10 +1073,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { return doc.getDocumentElement(); } - protected static void replaceExtendedSAMLAttribute(List attributes, + protected static void replaceExtendedSAMLAttribute(List<ExtendedSAMLAttribute> attributes, ExtendedSAMLAttribute samlAttribute) { if (null == attributes) { - attributes = new Vector(); + attributes = new Vector<ExtendedSAMLAttribute>(); } else { String id = samlAttribute.getName(); int length = attributes.size(); @@ -1851,21 +1118,20 @@ public class AuthenticationServer implements MOAIDAuthConstants { * <code><CreateXMLSignatureResponse></code> * @return SAML artifact needed for retrieving authentication data, encoded * BASE64 + * @throws BKUException */ public String verifyAuthenticationBlock(AuthenticationSession session, String xmlCreateXMLSignatureReadResponse) throws AuthenticationException, BuildException, ParseException, - ConfigurationException, ServiceException, ValidateException { - + ConfigurationException, ServiceException, ValidateException, BKUException { + if (session == null) throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID }); if (isEmpty(xmlCreateXMLSignatureReadResponse)) throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); - - //AuthenticationSession session = getSession(sessionID); - + AuthConfigurationProvider authConf = AuthConfigurationProvider .getInstance(); // parses <CreateXMLSignatureResponse> @@ -1924,7 +1190,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, false); - // TODO See Bug #144 // Compare AuthBlock Data with information stored in session, especially // date and time CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp); @@ -1971,22 +1236,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } } } - -// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() -// .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); -// boolean useUTC = oaParam.getUseUTC(); -// boolean useCondition = oaParam.getUseCondition(); -// int conditionLength = oaParam.getConditionLength(); - - - //TL: moved to Authentification Data generation -// AuthenticationData authData = buildAuthenticationData(session, vsresp, -// useUTC, false); -// -// //set Authblock -// session.setAuthData(authData); - session.setXMLVerifySignatureResponse(vsresp); session.setSignerCertificate(vsresp.getX509certificate()); vsresp.setX509certificate(null); @@ -2010,42 +1260,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { Logger.info("Daten angelegt zu MOASession " + newMOASessionID); return newMOASessionID; - /* - String samlAssertion = new AuthenticationDataAssertionBuilder() - .build(authData, session.getAssertionPrPerson(), session - .getAssertionAuthBlock(), session - .getAssertionIlAssertion(), session.getBkuURL(), - session.getAssertionSignerCertificateBase64(), - session.getAssertionBusinessService(), session - .getExtendedSAMLAttributesOA(), - useCondition, conditionLength); - authData.setSamlAssertion(samlAssertion); - - String assertionFile = AuthConfigurationProvider.getInstance() - .getGenericConfigurationParameter( - "AuthenticationServer.WriteAssertionToFile"); - if (!ParepUtils.isEmpty(assertionFile)) - try { - ParepUtils.saveStringToFile(samlAssertion, new File( - assertionFile)); - } catch (IOException e) { - throw new BuildException("builder.00", new Object[] { - "AuthenticationData", e.toString() }, e); - } - - String samlArtifact = new SAMLArtifactBuilder().build(session - .getAuthURL(), session.getSessionID(), session - .getSourceID()); - storeAuthenticationData(samlArtifact, authData); - - // invalidates the authentication session - sessionStore.remove(sessionID); - Logger.info("Anmeldedaten zu MOASession " + sessionID - + " angelegt, SAML Artifakt " + samlArtifact); - return samlArtifact; - */ } - } /** @@ -2135,16 +1350,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { public String getForeignAuthenticationData(AuthenticationSession session) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ServiceException, ValidateException { - - //TODO: CHECK if STORK parts works correct!!!! if (session == null) throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID }); - - //AuthenticationSession session = getSession(sessionID); - // AuthConfigurationProvider authConf = - // AuthConfigurationProvider.getInstance(); // post processing of the infoboxes Iterator iter = session.getInfoboxValidatorIterator(); @@ -2188,19 +1397,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse(); X509Certificate cert = session.getSignerCertificate(); vsresp.setX509certificate(cert); - -// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() -// .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); -// boolean useUTC = oaParam.getUseUTC(); - -// boolean useCondition = oaParam.getUseCondition(); -// int conditionLength = oaParam.getConditionLength(); - - //TL: moved to Assertion generation. -// AuthenticationData authData = buildAuthenticationData(session, vsresp, -// useUTC, true); -// -// session.setAuthData(authData); session.setAuthenticatedUsed(false); session.setAuthenticated(true); @@ -2210,43 +1406,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setSignerCertificate(vsresp.getX509certificate()); vsresp.setX509certificate(null); session.setForeigner(true); - - return "new Session"; - - //TODO: regenerate MOASession ID! - /* - String samlAssertion = new AuthenticationDataAssertionBuilder().build( - authData, session.getAssertionPrPerson(), session - .getAssertionAuthBlock(), session - .getAssertionIlAssertion(), session.getBkuURL(), - session.getAssertionSignerCertificateBase64(), session - .getAssertionBusinessService(), session - .getExtendedSAMLAttributesOA(), useCondition, - conditionLength); - authData.setSamlAssertion(samlAssertion); - - String assertionFile = AuthConfigurationProvider.getInstance() - .getGenericConfigurationParameter( - "AuthenticationServer.WriteAssertionToFile"); - if (!ParepUtils.isEmpty(assertionFile)) - try { - ParepUtils.saveStringToFile(samlAssertion, new File( - assertionFile)); - } catch (IOException e) { - throw new BuildException("builder.00", new Object[] { - "AuthenticationData", e.toString() }, e); - } - String samlArtifact = new SAMLArtifactBuilder().build(session - .getAuthURL(), session.getSessionID(), session.getSourceID()); - storeAuthenticationData(samlArtifact, authData); - - // invalidates the authentication session - sessionStore.remove(sessionID); - Logger.info("Anmeldedaten zu MOASession " + sessionID - + " angelegt, SAML Artifakt " + samlArtifact); - - return samlArtifact;*/ + //TODO: regenerate MOASession ID! + return "new Session"; } /** @@ -2274,15 +1436,16 @@ public class AuthenticationServer implements MOAIDAuthConstants { AuthenticationData authData = new AuthenticationData(); VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); - boolean useUTC = oaParam.getUseUTC(); + boolean businessService = oaParam.getBusinessService(); authData.setMajorVersion(1); authData.setMinorVersion(0); authData.setAssertionID(Random.nextRandom()); authData.setIssuer(session.getAuthURL()); - authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar - .getInstance(), useUTC)); + + authData.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar + .getInstance())); //baseID or wbpk in case of BusinessService without SSO or BusinessService SSO authData.setIdentificationValue(identityLink.getIdentificationValue()); @@ -2297,7 +1460,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { authData.setPublicAuthorityCode(verifyXMLSigResp .getPublicAuthorityCode()); authData.setBkuURL(session.getBkuURL()); - authData.setUseUTC(oaParam.getUseUTC()); try { @@ -2305,6 +1467,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { MISMandate mandate = session.getMISMandate(); authData.setBPK(mandate.getOWbPK()); authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW"); + authData.setIdentityLink(identityLink); + + Logger.trace("Authenticated User is OW: " + mandate.getOWbPK()); } else { @@ -2330,8 +1495,11 @@ public class AuthenticationServer implements MOAIDAuthConstants { } else { authData.setBPK(identityLink.getIdentificationValue()); authData.setBPKType(identityLink.getIdentificationType()); + } - + + Logger.trace("Authenticate user with wbPK " + authData.getBPK()); + Element idlassertion = session.getIdentityLink().getSamlAssertion(); //set bpk/wpbk; Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); @@ -2353,6 +1521,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget()); } + Logger.trace("Authenticate user with bPK " + authData.getBPK()); + authData.setIdentityLink(identityLink); } } @@ -2380,8 +1550,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { try { session = AuthenticationSessionStoreage.getSession(id); - /*(AuthenticationSession) sessionStore - .get(id);*/ if (session == null) throw new AuthenticationException("auth.02", new Object[] { id }); return session; @@ -2397,14 +1565,18 @@ public class AuthenticationServer implements MOAIDAuthConstants { public void cleanup() { long now = new Date().getTime(); - //clean AuthenticationSessionStore - //TODO: acutally the StartAuthentificaten timestamp is used!!!!! - //TODO: maybe change this to lastupdate timestamp. + //clean AuthenticationSessionStore + AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated); - + //clean AssertionStore AssertionStorage assertionstore = AssertionStorage.getInstance(); assertionstore.clean(now, authDataTimeOut); + + //clean ExeptionStore + DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore(); + exstore.clean(now, authDataTimeOut); + } /** @@ -2500,58 +1672,78 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @return Identity link assertion * @throws SZRGWClientException */ - public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, Element signature) throws SZRGWClientException { + public at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse + getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, Element signature) throws SZRGWClientException { - SZRGWClient client = new SZRGWClient(); + SZRGWClient client = null; - try { + try { AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter(); - client.setAddress(connectionParameters.getUrl()); - if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) { - Logger.debug("Initialisiere SSL Verbindung"); - try { - client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters)); - } catch (IOException e) { - Logger.error("Could not initialize SSL Factory", e); - throw new SZRGWClientException("Could not initialize SSL Factory"); - } catch (GeneralSecurityException e) { - Logger.error("Could not initialize SSL Factory", e); - throw new SZRGWClientException("Could not initialize SSL Factory"); - } catch (PKIException e) { - Logger.error("Could not initialize SSL Factory", e); - throw new SZRGWClientException("Could not initialize SSL Factory"); - } - } + client = new SZRGWClient(connectionParameters); + + + CreateIdentityLinkRequest request = new CreateIdentityLinkRequest(); + request.setSignature(DOMUtils.serializeNode(signature).getBytes()); + + CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request , connectionParameters.getUrl()); + + + +// client.setAddress(connectionParameters.getUrl()); +// if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) { +// Logger.debug("Initialisiere SSL Verbindung"); +// try { +// client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters)); +// } catch (IOException e) { +// Logger.error("Could not initialize SSL Factory", e); +// throw new SZRGWClientException("Could not initialize SSL Factory"); +// } catch (GeneralSecurityException e) { +// Logger.error("Could not initialize SSL Factory", e); +// throw new SZRGWClientException("Could not initialize SSL Factory"); +// } catch (PKIException e) { +// Logger.error("Could not initialize SSL Factory", e); +// throw new SZRGWClientException("Could not initialize SSL Factory"); +// } +// } Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")..."); } catch (ConfigurationException e) { Logger.warn(e); Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null )); - } + } catch (TransformerException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } - // create request - CreateIdentityLinkResponse response = null; - Element request = null; - try { - Document doc = client.buildGetIdentityLinkRequest(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, signature); - request = doc.getDocumentElement(); - - // send request - response = client.createIdentityLinkResponse(request); - } catch (SZRGWClientException e) { - // give him a second try - Nach dem Starten des Tomcat wird beim ersten Mal das Client-Zertifikat offenbar vom HTTPClient nicht mitgeschickt. - try { - response = client.createIdentityLinkResponse(request); - } - catch (SZRGWClientException e1) { - throw new SZRGWClientException(e1); - } - } +// // create request +// CreateIdentityLinkResponse response = null; +// Element request = null; +// try { +// Document doc = client.buildGetIdentityLinkRequest(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, signature); +// request = doc.getDocumentElement(); +// +// // send request +// response = client.createIdentityLinkResponse(request, connectionParameters.getUrl()); +// +// +// +// } catch (SZRGWClientException e) { +// // give him a second try - Nach dem Starten des Tomcat wird beim ersten Mal das Client-Zertifikat offenbar vom HTTPClient nicht mitgeschickt. +//// try { +//// response = client.createIdentityLinkResponse(request); +//// } +//// catch (SZRGWClientException e1) { +//// throw new SZRGWClientException(e1); +//// } +// } - return response; + return null; } @@ -2761,13 +1953,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { } catch (Throwable e) { throw new CertificateException(e); } - -// CertificateFactory cf; -// X509Certificate cert = null; -// cf = CertificateFactory.getInstance("X.509"); -// CertificateFactory -// cert = (X509Certificate)cf.generateCertificate(is); -// return cert; } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java index 82c1da74a..fe35866b1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java @@ -1,25 +1,4 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ + package at.gv.egovernment.moa.id.auth; @@ -37,7 +16,7 @@ import at.gv.egovernment.moa.logging.Logger; public class AuthenticationSessionCleaner implements Runnable { /** interval the <code>AuthenticationSessionCleaner</code> is run in */ - private static final long SESSION_CLEANUP_INTERVAL = 30 * 60; // 30 min + private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min /** * Runs the thread. Cleans the <code>AuthenticationServer</code> session store diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java index edc43da0c..f555cfb9a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java @@ -1,25 +1,4 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ + package at.gv.egovernment.moa.id.auth; @@ -139,4 +118,17 @@ public interface MOAIDAuthConstants { public static final List<String> REQ_BKU_TYPES = Arrays.asList(REQ_BKU_TYPE_LOCAL, REQ_BKU_TYPE_ONLINE, REQ_BKU_TYPE_HANDY); + public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; + public final static String EXT_SAML_MANDATE_OID = "OID"; + public final static String EXT_SAML_MANDATE_RAW = "Mandate"; + public final static String EXT_SAML_MANDATE_NAME = "MandatorName"; + public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth"; + public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk"; + public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; + public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter"; + public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier"; + + public static final String PARAM_APPLET_HEIGTH = "heigth"; + public static final String PARAM_APPLET_WIDTH = "width"; + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index 725773b75..848bf94af 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -1,35 +1,17 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ + package at.gv.egovernment.moa.id.auth; +import iaik.cms.ecc.IaikEccProvider; import iaik.pki.PKIException; import iaik.pki.jsse.IAIKX509TrustManager; +import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK; import java.io.IOException; -import java.math.BigInteger; import java.security.GeneralSecurityException; +import java.security.Security; import java.util.Properties; import javax.activation.CommandMap; @@ -39,6 +21,7 @@ import javax.net.ssl.SSLSocketFactory; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfigLoader; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl; import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; @@ -74,15 +57,24 @@ public class MOAIDAuthInitializer { Logger.info("Default java file.encoding: " + System.getProperty("file.encoding")); + + Logger.info("Loading security providers."); + IAIK.addAsProvider(); + + +// Security.insertProviderAt(new IAIK(), 1); +// Security.insertProviderAt(new ECCProvider(), 1); + //JDK bug workaround according to: // http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier // register content data handlers for S/MIME types MailcapCommandMap mc = new MailcapCommandMap(); CommandMap.setDefaultCommandMap(mc); - + // create some properties and get the default Session Properties props = new Properties(); props.put("mail.smtp.host", "localhost"); + Session session = Session.getDefaultInstance(props, null); // Restricts TLS cipher suites @@ -129,6 +121,9 @@ public class MOAIDAuthInitializer { "init.01", null), e); } + IAIK.addAsProvider(); + ECCProvider.addAsProvider(); + // Initializes SSLSocketFactory store SSLUtils.initialize(); @@ -174,33 +169,9 @@ public class MOAIDAuthInitializer { } - // sets the authentication session and authentication data time outs - BigInteger param = authConf.getTimeOuts().getMOASessionCreated(); - if (param != null) { - long sessionTimeOut = param.longValue(); - if (sessionTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutCreated(sessionTimeOut); - } - - param = authConf.getTimeOuts().getMOASessionUpdated(); - if (param != null) { - long sessionTimeOut = param.longValue(); - if (sessionTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutUpdated(sessionTimeOut); - } - - param = authConf.getTimeOuts().getAssertion(); - if (param != null) { - long authDataTimeOut = param.longValue(); - if (authDataTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsAuthDataTimeOut(authDataTimeOut); - } - // Starts the session cleaner thread to remove unpicked authentication data AuthenticationSessionCleaner.start(); + AuthConfigLoader.start(); } - -}
\ No newline at end of file + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java index bcad65eed..35109dfea 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java @@ -1,27 +1,25 @@ -/* - * Copyright 2003 Federal Chancellery Austria +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * + * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; import java.io.IOException; @@ -33,8 +31,8 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.StringUtils; @@ -82,11 +80,11 @@ public class AuthenticationAssertionBuilder { * * @throws ParseException If an error occurs on serializing an SAML attribute. */ - protected String buildExtendedSAMLAttributes(List extendedSAMLAttributes) throws ParseException + protected String buildExtendedSAMLAttributes(List<ExtendedSAMLAttribute> extendedSAMLAttributes) throws ParseException { StringBuffer sb = new StringBuffer(); if (extendedSAMLAttributes!=null) { - Iterator it = extendedSAMLAttributes.iterator(); + Iterator<ExtendedSAMLAttribute> it = extendedSAMLAttributes.iterator(); while (it.hasNext()) { ExtendedSAMLAttribute extendedSAMLAttribute = (ExtendedSAMLAttribute)it.next(); Object value = extendedSAMLAttribute.getValue(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index ee2313070..db9bc588f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java @@ -1,25 +1,25 @@ -/* - * Copyright 2003 Federal Chancellery Austria +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * + * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. - */ + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; @@ -28,9 +28,7 @@ import java.io.StringWriter; import java.text.MessageFormat; import java.text.SimpleDateFormat; import java.util.Calendar; -import java.util.Date; import java.util.List; -import java.util.Locale; import javax.xml.bind.DatatypeConverter; import javax.xml.transform.Result; @@ -45,16 +43,15 @@ import javax.xml.transform.stream.StreamResult; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; @@ -87,6 +84,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion " </saml:Attribute>" + NL + "{7}" + "{8}" + + "{9}" + " </saml:AttributeStatement>" + NL + "</saml:Assertion>"; @@ -110,6 +108,11 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion " <saml:AttributeValue>{0}</saml:AttributeValue>" + NL + " </saml:Attribute>" + NL; + private static String AUTHBLOCKTOKKEN_ATTRIBUTE = + " <saml:Attribute AttributeName=''UniqueTokken'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + + " <saml:AttributeValue>{0}</saml:AttributeValue>" + NL + + " </saml:Attribute>" + NL; + private static String PR_IDENTIFICATION_ATTRIBUTE = " <pr:Identification xmlns:pr=\"" + PD_NS_URI + "\">" + NL + @@ -120,8 +123,8 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion /** * The number of SAML attributes included in this AUTH-Block (without the extended SAML attributes). */ - public static final int NUM_OF_SAML_ATTRIBUTES = 4; - public static final int NUM_OF_SAML_ATTRIBUTES_SSO = 3; + public static final int NUM_OF_SAML_ATTRIBUTES = 5; + public static final int NUM_OF_SAML_ATTRIBUTES_SSO = 4; /** * Constructor for AuthenticationBlockAssertionBuilder. @@ -169,10 +172,11 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String identityLinkType, String oaURL, String gebDat, - List extendedSAMLAttributes, + List<ExtendedSAMLAttribute> extendedSAMLAttributes, AuthenticationSession session, OAAuthParameter oaParam) throws BuildException + { session.setSAMLAttributeGebeORwbpk(true); String gebeORwbpk = ""; @@ -267,11 +271,13 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion Logger.warn("Addional AuthBlock Text can not loaded from OA!", e); } - - String specialText = MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, new Object[] { generateSpecialText(text, issuer, issueInstant) }); + //generate unique AuthBlock tokken + String uniquetokken = Random.nextRandom(); + session.setAuthBlockTokken(uniquetokken); + String assertion; try { assertion = MessageFormat.format( @@ -284,6 +290,8 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion oaURL, gebDat, specialText, + MessageFormat.format(AUTHBLOCKTOKKEN_ATTRIBUTE, + new Object[] { uniquetokken }), buildExtendedSAMLAttributes(extendedSAMLAttributes)}); } catch (ParseException e) { Logger.error("Error on building AUTH-Block: " + e.getMessage()); @@ -332,7 +340,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String identityLinkType, String oaURL, String gebDat, - List extendedSAMLAttributes, + List<ExtendedSAMLAttribute> extendedSAMLAttributes, AuthenticationSession session) throws BuildException { @@ -418,6 +426,10 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String specialText = MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, new Object[] { generateSpecialText(text, issuer, issueInstant) }); + //generate unique AuthBlock tokken + String uniquetokken = Random.nextRandom(); + session.setAuthBlockTokken(uniquetokken); + String assertion; try { assertion = MessageFormat.format( @@ -430,6 +442,8 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion oaURL, gebDat, specialText, + MessageFormat.format(AUTHBLOCKTOKKEN_ATTRIBUTE, + new Object[] { uniquetokken }), buildExtendedSAMLAttributes(extendedSAMLAttributes)}); } catch (ParseException e) { Logger.error("Error on building AUTH-Block: " + e.getMessage()); @@ -479,7 +493,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String identityLinkType, String oaURL, String gebDat, - List extendedSAMLAttributes, + List<ExtendedSAMLAttribute> extendedSAMLAttributes, AuthenticationSession session, OAAuthParameter oaParam) throws BuildException @@ -524,9 +538,10 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String specialText = MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, new Object[] { generateSpecialText(text, issuer, issueInstant) }); - + //generate unique AuthBlock tokken + String uniquetokken = Random.nextRandom(); + session.setAuthBlockTokken(uniquetokken); - String assertion; assertion = MessageFormat.format( @@ -539,6 +554,8 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion oaURL, gebDat, specialText, + MessageFormat.format(AUTHBLOCKTOKKEN_ATTRIBUTE, + new Object[] { uniquetokken }), buildExtendedSAMLAttributes(extendedSAMLAttributes)}); return assertion; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index 839ebe7a4..531303300 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -1,25 +1,26 @@ -/* - * Copyright 2003 Federal Chancellery Austria +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * + * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. - */ + ******************************************************************************/ + package at.gv.egovernment.moa.id.auth.builder; @@ -28,8 +29,9 @@ import java.text.MessageFormat; import java.util.Calendar; import java.util.List; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; @@ -229,7 +231,7 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB String bkuURL, String signerCertificateBase64, boolean businessService, - List extendedSAMLAttributes, + List<ExtendedSAMLAttribute> extendedSAMLAttributes, boolean useCondition, int conditionLength) throws BuildException @@ -350,7 +352,7 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB String bkuURL, String signerCertificateBase64, boolean businessService, - List extendedSAMLAttributes, + List<ExtendedSAMLAttribute> extendedSAMLAttributes, boolean useCondition, int conditionLength) throws BuildException diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index 9bec06135..bd87737ed 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -26,9 +48,7 @@ package at.gv.egovernment.moa.id.auth.builder; import java.security.MessageDigest; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/Builder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/Builder.java index 5757c398e..ca9bf2080 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/Builder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/Builder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -24,7 +46,7 @@ package at.gv.egovernment.moa.id.auth.builder; -import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.util.StringUtils; /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java index 7528bc2e8..a904242e1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -27,7 +49,7 @@ package at.gv.egovernment.moa.id.auth.builder; import java.io.IOException; import java.text.MessageFormat; -import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.FileUtils; @@ -71,25 +93,25 @@ public class CertInfoVerifyXMLSignatureRequestBuilder extends Builder implements * @return the XML structure * @throws BuildException */ - public String build(boolean slVersion12) throws BuildException { + public String build() throws BuildException { String sl10Prefix; String sl11Prefix; String slNsDeclaration; - if (slVersion12) { +// if (slVersion12) { sl10Prefix = SL12_PREFIX; sl11Prefix = SL12_PREFIX; slNsDeclaration = "xmlns:" + SL12_PREFIX + "=\"" + SL12_NS_URI + "\""; - } else { - - sl10Prefix = SL10_PREFIX; - sl11Prefix = SL11_PREFIX; - slNsDeclaration = "xmlns:" + sl11Prefix + "=\"" + SL11_NS_URI + "\" xmlns:" + sl10Prefix + "=\"" + SL10_NS_URI + "\""; - - } +// } else { +// +// sl10Prefix = SL10_PREFIX; +// sl11Prefix = SL11_PREFIX; +// slNsDeclaration = "xmlns:" + sl11Prefix + "=\"" + SL11_NS_URI + "\" xmlns:" + sl10Prefix + "=\"" + SL10_NS_URI + "\""; +// +// } String certInfoRequest = MessageFormat.format(CERTINFO_REQUEST, new Object[] {sl11Prefix, sl10Prefix, slNsDeclaration}); String resDsigSignature = "resources/xmldata/CertInfoDsigSignature.xml"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java index 23596abda..bbbfacbd1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -81,7 +103,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants { * @param slVersion12 specifies whether the Security Layer version number is 1.2 or not * @return String representation of <code><CreateXMLSignatureRequest></code> */ - public String build(String authBlock, String keyBoxIdentifier, List<String> dsigTransformInfos, boolean slVersion12) { + public String build(String authBlock, String keyBoxIdentifier, List<String> dsigTransformInfos) { String sl10Prefix; String sl11Prefix; @@ -97,7 +119,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants { // dsigTransformInfosString += dsigTransformInfos[i]; // } - if (slVersion12) { +// if (slVersion12) { // replace the SecurityLayer namespace prefixes and URIs within the transforms dsigTransformInfosString = StringUtils.changeSLVersion(dsigTransformInfosString, @@ -107,13 +129,13 @@ public class CreateXMLSignatureRequestBuilder implements Constants { sl11Prefix = SL12_PREFIX; slNsDeclaration = "xmlns:" + SL12_PREFIX + "='" + SL12_NS_URI + "'"; - } else { - - sl10Prefix = SL10_PREFIX; - sl11Prefix = SL11_PREFIX; - slNsDeclaration = "xmlns:" + sl10Prefix + "='" + SL10_NS_URI + "' xmlns:" + sl11Prefix + "='" + SL11_NS_URI + "'"; - - } +// } else { +// +// sl10Prefix = SL10_PREFIX; +// sl11Prefix = SL11_PREFIX; +// slNsDeclaration = "xmlns:" + sl10Prefix + "='" + SL10_NS_URI + "' xmlns:" + sl11Prefix + "='" + SL11_NS_URI + "'"; +// +// } String request = MessageFormat.format( CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java index 650f1578d..e7e1e5cbd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java @@ -1,34 +1,56 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.builder;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
-import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
/**
@@ -46,22 +68,22 @@ public class CreateXMLSignatureRequestBuilderForeign extends Builder { /** private static int all contains the representation to replace all tags*/
private static final int ALL = -1;
- /** default HTML template */
- private static final String DEFAULT_XML_TEMPLATE =
- "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
- "<sl:CreateXMLSignatureRequest xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">" +
- "<sl:KeyboxIdentifier>" + KEYBOXID_TAG + "</sl:KeyboxIdentifier>" +
- "<sl:DataObjectInfo Structure=\"enveloping\">" +
- "<sl:DataObject>" +
- "<sl:XMLContent>" + XMLCONTENT_TAG + "</sl:XMLContent>" +
- "</sl:DataObject>" +
- "<sl:TransformsInfo>" +
- "<sl:FinalDataMetaInfo>" +
- "<sl:MimeType>text/plain</sl:MimeType>" +
- "</sl:FinalDataMetaInfo>" +
- "</sl:TransformsInfo>" +
- "</sl:DataObjectInfo>" +
- "</sl:CreateXMLSignatureRequest>";
+// /** default HTML template */
+// private static final String DEFAULT_XML_TEMPLATE =
+// "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
+// "<sl:CreateXMLSignatureRequest xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">" +
+// "<sl:KeyboxIdentifier>" + KEYBOXID_TAG + "</sl:KeyboxIdentifier>" +
+// "<sl:DataObjectInfo Structure=\"enveloping\">" +
+// "<sl:DataObject>" +
+// "<sl:XMLContent>" + XMLCONTENT_TAG + "</sl:XMLContent>" +
+// "</sl:DataObject>" +
+// "<sl:TransformsInfo>" +
+// "<sl:FinalDataMetaInfo>" +
+// "<sl:MimeType>text/plain</sl:MimeType>" +
+// "</sl:FinalDataMetaInfo>" +
+// "</sl:TransformsInfo>" +
+// "</sl:DataObjectInfo>" +
+// "</sl:CreateXMLSignatureRequest>";
/** default HTML template */
private static final String DEFAULT_XHTML_TEMPLATE =
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java index 9b7cc41ba..924051e2a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -25,10 +47,6 @@ package at.gv.egovernment.moa.id.auth.builder; import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; /** * Builds a DataURL parameter meant for the security layer implementation @@ -58,7 +76,7 @@ public class DataURLBuilder { */ public String buildDataURL(String authBaseURL, String authServletName, String sessionID) { - String individualDataURLPrefix = null; +// String individualDataURLPrefix = null; String dataURL; //is removed from config in MOA-ID 2.0 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index bd8d52031..70aa1a160 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -27,8 +49,12 @@ package at.gv.egovernment.moa.id.auth.builder; import java.io.IOException; import java.io.StringReader; import java.io.StringWriter; +import java.util.Map; -import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.util.FormBuildUtils; +import at.gv.egovernment.moa.util.MiscUtil; /** * Builder for HTML form requesting the security layer implementation @@ -53,9 +79,13 @@ public class GetIdentityLinkFormBuilder extends Builder { /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */ private static final String PUSHINFOBOX_TAG = "<PushInfobox>"; /** special tag in the HTML template to be substituted for the BKU URL */ - private static final String MANDATE_TAG = "<Mandate>"; /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; + + private static final String COLOR_TAG = "<COLOR>"; + private static final String REDIRECTTARGETTAG = "<REDIRECTTARGET>"; + private static final String APPLETWIDTH_TAG = "<APPLETWIDTH>"; + private static final String APPLETHEIGHT_TAG = "<APPLETHEIGHT>"; /** default HTML template */ private static final String DEFAULT_HTML_TEMPLATE = @@ -112,6 +142,9 @@ public class GetIdentityLinkFormBuilder extends Builder { * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to; * may be <code>null</code>, in this case the default URL will be used * @param dataURL DataURL to be sent as a parameter in the form + * @param oaParam + * @param appletwidth + * @param appletheigth */ public String build( String htmlTemplate, @@ -120,7 +153,9 @@ public class GetIdentityLinkFormBuilder extends Builder { String dataURL, String certInfoXMLRequest, String certInfoDataURL, - String pushInfobox) + String pushInfobox, OAAuthParameter oaParam, + String appletheigth, + String appletwidth) throws BuildException { String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; @@ -131,6 +166,27 @@ public class GetIdentityLinkFormBuilder extends Builder { //new:wird oben mitreplaced htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL); htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), true, ALL); htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL); + + if (oaParam != null) { + Map<String, String> map = oaParam.getFormCustomizaten(); + htmlForm = replaceTag(htmlForm, COLOR_TAG, map.get(FormBuildUtils.MAIN_BACKGROUNDCOLOR), false, ALL); + htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, map.get(FormBuildUtils.REDIRECTTARGET), false, ALL); + + } else { + htmlForm = replaceTag(htmlForm, COLOR_TAG, FormBuildUtils.getDefaultMap().get(FormBuildUtils.MAIN_BACKGROUNDCOLOR), false, ALL); + htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, FormBuildUtils.getDefaultMap().get(FormBuildUtils.REDIRECTTARGET), false, ALL); + } + + if (MiscUtil.isNotEmpty(appletheigth)) + htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, appletheigth, false, ALL); + else + htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, "160", false, ALL); + + if (MiscUtil.isNotEmpty(appletwidth)) + htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, appletwidth, false, ALL); + else + htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, "250", false, ALL); + return htmlForm; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetVerifyAuthBlockFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetVerifyAuthBlockFormBuilder.java index ea3d170eb..3f2d96df4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetVerifyAuthBlockFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetVerifyAuthBlockFormBuilder.java @@ -1,30 +1,52 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.builder;
-import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.auth.exception.BuildException;
/**
* Builder for HTML form requesting a security layer request
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java index b2acf9f2d..828fc78ab 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -57,18 +79,18 @@ public class InfoboxReadRequestBuilder implements Constants { * * @return <code><InfoboxReadRequest></code> as String */ - public String build(boolean slVersion12, boolean businessService, String identityLinkDomainIdentifier) { + public String build(boolean businessService, String identityLinkDomainIdentifier) { String slPrefix; String slNsDeclaration; - if (slVersion12) { +// if (slVersion12) { slPrefix = SL12_PREFIX; slNsDeclaration = SL12_NS_URI; - } else { - slPrefix = SL10_PREFIX; - slNsDeclaration = SL10_NS_URI; - } +// } else { +// slPrefix = SL10_PREFIX; +// slNsDeclaration = SL10_NS_URI; +// } StringBuffer sb = new StringBuffer("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>"); sb.append("<"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderCertificate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderCertificate.java index e13101dbb..bb3533664 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderCertificate.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderCertificate.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java deleted file mode 100644 index 0a526ebbe..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.builder; - -import java.util.List; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParamsImpl; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * This class provides one method for building parameters needed for - * validating an infobox token. - * - * @author Harald Bratko - */ -public class InfoboxValidatorParamsBuilder { - - // hide the default constructor - private InfoboxValidatorParamsBuilder() { - } - - /** - * Builds the parameters passed to the validator class for validating an infobox token. - * - * @param session The actual Authentication session. - * @param verifyInfoboxParameter The configuration parameters for the infobox. - * @param infoboxTokenList Contains the infobox token to be validated. - * @param oaParam The configuration parameters of the online application - * - * @return Parameters for validating an infobox token. - */ -// public static InfoboxValidatorParams buildInfoboxValidatorParams( -// AuthenticationSession session, -// VerifyInfoboxParameter verifyInfoboxParameter, -// List infoboxTokenList, -// OAAuthParameter oaParam) -// { -// InfoboxValidatorParamsImpl infoboxValidatorParams = new InfoboxValidatorParamsImpl(); -// IdentityLink identityLink = session.getIdentityLink(); -// -// // the infobox token to validate -// infoboxValidatorParams.setInfoboxTokenList(infoboxTokenList); -// // configuration parameters -// infoboxValidatorParams.setTrustProfileID(verifyInfoboxParameter.getTrustProfileID()); -// infoboxValidatorParams.setSchemaLocations(verifyInfoboxParameter.getSchemaLocations()); -// infoboxValidatorParams.setApplicationSpecificParams(verifyInfoboxParameter.getApplicationSpecificParams()); -// // authentication session parameters -// infoboxValidatorParams.setBkuURL(session.getBkuURL()); -// infoboxValidatorParams.setTarget(session.getTarget()); -// infoboxValidatorParams.setDomainIdentifier(oaParam.getIdentityLinkDomainIdentifier()); -// infoboxValidatorParams.setBusinessApplication(session.getBusinessService()); -// // parameters from the identity link -// infoboxValidatorParams.setFamilyName(identityLink.getFamilyName()); -// infoboxValidatorParams.setGivenName(identityLink.getGivenName()); -// infoboxValidatorParams.setDateOfBirth(identityLink.getDateOfBirth()); -// if (verifyInfoboxParameter.getProvideStammzahl()) { -// infoboxValidatorParams.setIdentificationValue(identityLink.getIdentificationValue()); -// } -// infoboxValidatorParams.setIdentificationType(identityLink.getIdentificationType()); -// infoboxValidatorParams.setPublicKeys(identityLink.getPublicKey()); -// if (verifyInfoboxParameter.getProvideIdentityLink()) { -// Element identityLinkElem = (Element)identityLink.getSamlAssertion().cloneNode(true); -// if (!verifyInfoboxParameter.getProvideStammzahl()) { -// Element identificationValueElem = -// (Element)XPathUtils.selectSingleNode(identityLinkElem, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); -// if (identificationValueElem != null) { -// identificationValueElem.getFirstChild().setNodeValue(""); -// } -// } -// infoboxValidatorParams.setIdentityLink(identityLinkElem); -// } -// -// //TODO: check if this is Protocol specific -// //infoboxValidatorParams.setHideStammzahl(!oaParam.getProvideStammzahl()); -// infoboxValidatorParams.setHideStammzahl(true); -// -// return infoboxValidatorParams; -// } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginConfirmationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginConfirmationBuilder.java index 69e654f56..31e4c0578 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginConfirmationBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginConfirmationBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java index a80fcfa25..0746d1be1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java @@ -1,27 +1,51 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; +import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URI; +import java.net.URISyntaxException; import org.apache.commons.io.IOUtils; -import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; -import at.gv.egovernment.moa.id.config.OAParameter; +import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; +import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class LoginFormBuilder { private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; private static final String HTMLTEMPLATEFULL = "loginFormFull.html"; - private static final String HTMLTEMPLATEIFRAME = "loginFormIFrame.html"; - + private static String AUTH_URL = "#AUTH_URL#"; private static String MODUL = "#MODUL#"; private static String ACTION = "#ACTION#"; @@ -29,40 +53,42 @@ public class LoginFormBuilder { private static String BKU_ONLINE = "#ONLINE#"; private static String BKU_HANDY = "#HANDY#"; private static String BKU_LOCAL = "#LOCAL#"; - private static String CONTEXTPATH = "#CONTEXTPATH#"; + public static String CONTEXTPATH = "#CONTEXTPATH#"; private static String MOASESSIONID = "#SESSIONID#"; - + private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate"; - private static String getTemplate(boolean isIFrame) { + public static String getTemplate() { + String pathLocation =""; + InputStream input = null; + + try { + String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); + pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; + File file = new File(new URI(pathLocation)); + input = new FileInputStream(file); + + } catch (ConfigurationException e) { + Logger.warn("MOA-ID configuration can not be loaded."); + + } catch (Exception e) { + + } + + return getTemplate(input); + + } + + public static String getTemplate(InputStream input) { String template = null; - - try { - String pathLocation; - - InputStream input; - - String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); - if (isIFrame) - pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEIFRAME; - else - pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; - - try { - File file = new File(new URI(pathLocation)); - input = new FileInputStream(file); - - } catch (FileNotFoundException e) { + try { + if (input == null) { Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package."); - if (isIFrame) - pathLocation = "resources/templates/" + HTMLTEMPLATEIFRAME; - else - pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; - + String pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; input = Thread.currentThread() .getContextClassLoader() .getResourceAsStream(pathLocation); @@ -76,17 +102,23 @@ public class LoginFormBuilder { template = template.replace(BKU_ONLINE, OAAuthParameter.ONLINEBKU); template = template.replace(BKU_HANDY, OAAuthParameter.HANDYBKU); template = template.replace(BKU_LOCAL, OAAuthParameter.LOCALBKU); - - input.close(); - + } catch (Exception e) { Logger.error("Failed to read template", e); + + } finally { + try { + input.close(); + + } catch (IOException e) { + Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); + } } return template; } - - public static String buildLoginForm(String modul, String action, String oaname, String contextpath, boolean isIFrame, String moaSessionID) { - String value = getTemplate(isIFrame); + + public static String buildLoginForm(String modul, String action, OAAuthParameter oaParam, String contextpath, String moaSessionID) { + String value = getTemplate(); if(value != null) { if(modul == null) { @@ -97,11 +129,16 @@ public class LoginFormBuilder { } value = value.replace(MODUL, modul); value = value.replace(ACTION, action); - value = value.replace(OANAME, oaname); + value = value.replace(OANAME, oaParam.getFriendlyName()); value = value.replace(CONTEXTPATH, contextpath); value = value.replace(MOASESSIONID, moaSessionID); + + value = FormBuildUtils.customiceLayoutBKUSelection(value, + oaParam.isShowMandateCheckBox(), + oaParam.isOnlyMandateAllowed(), + oaParam.getFormCustomizaten()); + } return value; } - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java index 05a7cdbea..333d8680c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -27,8 +49,8 @@ package at.gv.egovernment.moa.id.auth.builder; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egovernment.moa.id.BuildException; import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java index 6d10f5519..e2a736330 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; import java.io.InputStream; @@ -5,8 +27,6 @@ import java.io.StringWriter; import org.apache.commons.io.IOUtils; -import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; -import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.logging.Logger; public class RedirectFormBuilder { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java index 304a5b70c..1e2a4700d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -27,7 +49,7 @@ package at.gv.egovernment.moa.id.auth.builder; import java.io.ByteArrayOutputStream; import java.security.MessageDigest; -import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.logging.Logger; @@ -45,7 +67,7 @@ public class SAMLArtifactBuilder { /** * The generic configuration parameter for an alternative SourceID. */ - private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID"; +// private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID"; /** * Constructor for SAMLArtifactBuilder. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java index 9d7ae1f46..8b0d906fe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -28,7 +50,7 @@ import java.text.MessageFormat; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.StringUtils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java deleted file mode 100644 index bfc86d608..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.builder; - -import at.gv.egovernment.moa.id.BuildException; - -/** - * Builder for the BKU selection form requesting the user to choose - * a BKU from a list. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class SelectBKUFormBuilder extends Builder { - /** private static String NL contains the NewLine representation in Java*/ - private static final String nl = "\n"; - /** special tag in the HTML template to be substituted for the form action which is - * a URL of MOA-ID Auth */ - private static final String ACTION_TAG = "<StartAuth>"; - /** special tag in the HTML template to be substituted for the <code><select;gt;</code> tag - * containing the BKU selection options */ - private static final String SELECT_TAG = "<BKUSelect>"; - /** - * Template for the default html-code to be returned as security-layer-selection to be built - */ - private static final String DEFAULT_HTML_TEMPLATE = - "<html>" + nl + - "<head>" + nl + - "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl + - "<title>Auswahl der Bürgerkartenumgebung</title>" + nl + - "</head>" + nl + - "<body>" + nl + - "<form name=\"BKUSelectionForm\"" + nl + - " action=\"" + ACTION_TAG + "\"" + nl + - " method=\"post\">" + nl + - SELECT_TAG + nl + - " <input type=\"submit\" value=\"Bürgerkartenumgebung auswählen\"/>" + nl + - "</form>" + nl + - "</body>" + nl + - "</html>"; - - /** - * Constructor - */ - public SelectBKUFormBuilder() { - super(); - } - /** - * Method build. Builds the form - * @param htmlTemplate to be used - * @param startAuthenticationURL the url where the startAuthenticationServlet can be found - * @param bkuSelectTag if a special bku should be used - * @return String - * @throws BuildException on any error - */ - public String build(String htmlTemplate, String startAuthenticationURL, String bkuSelectTag) - throws BuildException { - - String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; - htmlForm = replaceTag(htmlForm, ACTION_TAG, startAuthenticationURL, true, 1); - htmlForm = replaceTag(htmlForm, SELECT_TAG, bkuSelectTag, true, 1); - return htmlForm; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java index 956593237..d8a53fba8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java @@ -1,26 +1,50 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; +import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URI; import org.apache.commons.io.IOUtils; -import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; -import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; +import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class SendAssertionFormBuilder { private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; private static final String HTMLTEMPLATEFULL = "sendAssertionFormFull.html"; - private static final String HTMLTEMPLATEIFRAME = "sendAssertionFormIFrame.html"; + + private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\""; private static String URL = "#URL#"; private static String MODUL = "#MODUL#"; @@ -28,23 +52,21 @@ public class SendAssertionFormBuilder { private static String ID = "#ID#"; private static String OANAME = "#OAName#"; private static String CONTEXTPATH = "#CONTEXTPATH#"; + private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#"; + private static String COLOR = "#COLOR#"; private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet"; - private static String getTemplate(boolean isIFrame) { + private static String getTemplate() { - String template = null; + String template = null; + InputStream input = null; try { String pathLocation; - InputStream input; - - String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); - - if (isIFrame) - pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEIFRAME; - else - pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; + + String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); + pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; try { File file = new File(new URI(pathLocation)); @@ -54,10 +76,7 @@ public class SendAssertionFormBuilder { Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package."); - if (isIFrame) - pathLocation = "resources/templates/" + HTMLTEMPLATEIFRAME; - else - pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; + pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; input = Thread.currentThread() .getContextClassLoader() @@ -69,15 +88,24 @@ public class SendAssertionFormBuilder { IOUtils.copy(input, writer); template = writer.toString(); template = template.replace(URL, SERVLET); + } catch (Exception e) { Logger.error("Failed to read template", e); + + } finally { + try { + input.close(); + + } catch (IOException e) { + Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); + } } return template; } - public static String buildForm(String modul, String action, String id, String oaname, String contextpath, boolean isIFrame) { - String value = getTemplate(isIFrame); + public static String buildForm(String modul, String action, String id, OAAuthParameter oaParam, String contextpath) { + String value = getTemplate(); if(value != null) { if(modul == null) { @@ -89,8 +117,14 @@ public class SendAssertionFormBuilder { value = value.replace(MODUL, modul); value = value.replace(ACTION, action); value = value.replace(ID, id); - value = value.replace(OANAME, oaname); + value = value.replace(OANAME, oaParam.getFriendlyName()); value = value.replace(CONTEXTPATH, contextpath); + + value = FormBuildUtils.customiceLayoutBKUSelection(value, + oaParam.isShowMandateCheckBox(), + oaParam.isOnlyMandateAllowed(), + oaParam.getFormCustomizaten()); + } return value; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java index 8a9c2b4fd..0bd690827 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java @@ -1,13 +1,35 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.WrongParametersException; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.logging.Logger; @@ -36,7 +58,8 @@ public class StartAuthenticationBuilder { Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc())); // STORK or normal authentication - if (storkConfig.isSTORKAuthentication(moasession.getCcc())) { + //TODO: commented because npe was thrown + /*if (storkConfig.isSTORKAuthentication(moasession.getCcc())) { //STORK authentication Logger.trace("Found C-PEPS configuration for citizen of country: " + moasession.getCcc()); Logger.debug("Starting STORK authentication"); @@ -44,13 +67,13 @@ public class StartAuthenticationBuilder { AuthenticationServer.startSTORKAuthentication(req, resp, moasession); return ""; - } else { + } else {*/ //normal MOA-ID authentication Logger.debug("Starting normal MOA-ID authentication"); - String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(moasession, req.getScheme()); + String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(moasession, req); return getIdentityLinkForm; - } + //} } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java index b65b3db0d..d2ea53011 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -33,10 +55,10 @@ import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 4560e69cf..f84409d53 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -1,49 +1,56 @@ -/* - * Copyright 2003 Federal Chancellery Austria +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * + * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria MOA-ID has been developed in a cooperation between + * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology. + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: http://www.osor.eu/eupl/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. This product combines work with different licenses. See the "NOTICE" text file for + * details on the various modules and licenses. The "NOTICE" text file is part of the distribution. + * Any derivative works that you distribute must include a readable copy of the "NOTICE" text file. */ package at.gv.egovernment.moa.id.auth.data; import iaik.x509.X509Certificate; -import java.io.IOException; import java.io.Serializable; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.util.ArrayList; -import java.util.Date; import java.util.Iterator; import java.util.List; import java.util.Vector; -import javax.xml.parsers.ParserConfigurationException; - import org.w3c.dom.Element; -import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; +import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; @@ -51,43 +58,40 @@ import at.gv.egovernment.moa.util.DOMUtils; import eu.stork.mw.messages.saml.STORKAuthnRequest; /** - * Session data to be stored between <code>AuthenticationServer</code> API - * calls. + * Session data to be stored between <code>AuthenticationServer</code> API calls. * * @author Paul Ivancsics * @version $Id$ */ public class AuthenticationSession implements Serializable { - + /** * */ private static final long serialVersionUID = 1L; public static final String TARGET_PREFIX_ = Constants.URN_PREFIX_CDID + "+"; - public static final String REGISTERANDORDNR_PREFIX_ = Constants.URN_PREFIX_WBPK - + "+"; - + public static final String REGISTERANDORDNR_PREFIX_ = Constants.URN_PREFIX_WBPK + "+"; + /** * session ID */ private String sessionID; /** - * "Geschäftsbereich" the online application belongs to; maybe - * <code>null</code> if the online application is a business application + * "Geschäftsbereich" the online application belongs to; maybe <code>null</code> if the + * online application is a business application */ private String target; /** - * Friendly name for the target, if target is configured via MOA-ID - * configuration + * Friendly name for the target, if target is configured via MOA-ID configuration */ private String targetFriendlyName; - + /** * SourceID */ private String sourceID; - + /** * public online application URL requested */ @@ -104,28 +108,25 @@ public class AuthenticationSession implements Serializable { * HTML template URL */ private String templateURL; - + /** * URL of the BKU */ private String bkuURL; - + /** - * Indicates whether the corresponding online application is a business - * service or not + * Indicates whether the corresponding online application is a business service or not */ private boolean businessService; - //Store Mandate + // Store Mandate /** * Use mandate */ private boolean useMandate; - private boolean isOW = false; - /** * STORK */ @@ -133,99 +134,93 @@ public class AuthenticationSession implements Serializable { /** * - * Mandate element + * Mandate element */ private MISMandate mandate; /** - * Reference value for mandate - * bussiness service for the assertion + * Reference value for mandate bussiness service for the assertion */ private String mandateReferenceValue; - + /** * SessionID for MIS */ private String misSessionID; - //store Identitylink + // store Identitylink /** * identity link read from smartcard */ private IdentityLink identityLink; - - /** - * timestamp logging when identity link has been received - */ - private Date timestampIdentityLink; - //store Authblock + // /** + // * timestamp logging when identity link has been received + // */ + // private Date timestampIdentityLink; + + // store Authblock /** * authentication block to be signed by the user */ private String authBlock; + private String authBlockTokken; + /** * The issuing time of the AUTH-Block SAML assertion. */ private String issueInstant; - - //Signer certificate + + // Signer certificate /** * Signer certificate of the foreign citizen or for mandate mode */ - //private X509Certificate signerCertificate; + // private X509Certificate signerCertificate; private byte[] signerCertificate; - /** - * SAML attributes from an extended infobox validation to be appended to the - * SAML assertion delivered to the final online application. + * SAML attributes from an extended infobox validation to be appended to the SAML assertion + * delivered to the final online application. */ - private List extendedSAMLAttributesOA; - + private List<ExtendedSAMLAttribute> extendedSAMLAttributesOA; + /** - * The boolean value for either a target or a wbPK is provided as SAML - * Attribute in the SAML Assertion or not. + * The boolean value for either a target or a wbPK is provided as SAML Attribute in the SAML + * Assertion or not. */ private boolean samlAttributeGebeORwbpk; - + /** - * SAML attributes from an extended infobox validation to be appended to the - * SAML assertion of the AUTHBlock. + * SAML attributes from an extended infobox validation to be appended to the SAML assertion of + * the AUTHBlock. */ - private List extendedSAMLAttributesAUTH; - + private List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH; - //TODO: check if it is in use! /** - * If infobox validators are needed after signing, they can be stored in - * this list. + * If infobox validators are needed after signing, they can be stored in this list. */ private List infoboxValidators; - + /** - * The register and number in the register parameter in case of a business - * service application. + * The register and number in the register parameter in case of a business service application. */ private String domainIdentifier; - + /** - * This string contains all identifiers of infoboxes, the online application - * is configured to accept. The infobox identifiers are comma separated. + * This string contains all identifiers of infoboxes, the online application is configured to + * accept. The infobox identifiers are comma separated. */ private String pushInfobox; - + /** * The STORK AuthRequest to be sent to the C-PEPS */ private STORKAuthnRequest storkAuthnRequest; + // private AuthenticationData authData; - - //private AuthenticationData authData; - - //protocol selection + // protocol selection private String action; private String modul; @@ -234,82 +229,83 @@ public class AuthenticationSession implements Serializable { private boolean ssoRequested = false; -// /** -// * Indicates if target from configuration is used or not -// */ -// private boolean useTargetFromConfig; - -// /** -// * Authentication data for the assertion -// */ -// private AuthenticationData assertionAuthData; -// -// /** -// * Persondata for the assertion -// */ -// private String assertionPrPerson; -// -// /** -// * Authblock for the assertion -// */ -// private String assertionAuthBlock; -// -// /** -// * Identitylink assertion for the (MOA) assertion -// */ -// private String assertionIlAssertion; -// -// /** -// * Signer certificate (base64 encoded) for the assertion -// */ -// private String assertionSignerCertificateBase64; -// -// /** -// * bussiness service for the assertion -// */ -// boolean assertionBusinessService; -// -// /** -// * timestamp logging when authentication session has been created -// */ -// private Date timestampStart; -// private CreateXMLSignatureResponse XMLCreateSignatureResponse; +// private OAuth20SessionObject oAuth20SessionObject; + + // /** + // * Indicates if target from configuration is used or not + // */ + // private boolean useTargetFromConfig; + + // /** + // * Authentication data for the assertion + // */ + // private AuthenticationData assertionAuthData; + // + // /** + // * Persondata for the assertion + // */ + // private String assertionPrPerson; + // + // /** + // * Authblock for the assertion + // */ + // private String assertionAuthBlock; + // + // /** + // * Identitylink assertion for the (MOA) assertion + // */ + // private String assertionIlAssertion; + // + // /** + // * Signer certificate (base64 encoded) for the assertion + // */ + // private String assertionSignerCertificateBase64; + // + // /** + // * bussiness service for the assertion + // */ + // boolean assertionBusinessService; + // + // /** + // * timestamp logging when authentication session has been created + // */ + // private Date timestampStart; + // private CreateXMLSignatureResponse XMLCreateSignatureResponse; private VerifyXMLSignatureResponse XMLVerifySignatureResponse; private boolean isForeigner; -// private String requestedProtocolURL = null; - + // private String requestedProtocolURL = null; + public String getModul() { return modul; } - + public void setModul(String modul) { this.modul = modul; } - + public String getAction() { return action; } - + public void setAction(String action) { this.action = action; } - -// public AuthenticationData getAuthData() { -// return authData; -// } -// -// public void setAuthData(AuthenticationData authData) { -// this.authData = authData; -// } - - + + // public AuthenticationData getAuthData() { + // return authData; + // } + // + // public void setAuthData(AuthenticationData authData) { + // this.authData = authData; + // } + public boolean isAuthenticatedUsed() { return authenticatedUsed; } - + public void setAuthenticatedUsed(boolean authenticatedUsed) { this.authenticatedUsed = authenticatedUsed; } @@ -321,16 +317,15 @@ public class AuthenticationSession implements Serializable { public void setAuthenticated(boolean authenticated) { this.authenticated = authenticated; } - - -// public String getRequestedProtocolURL() { -// return requestedProtocolURL; -// } -// -// public void setRequestedProtocolURL(String requestedProtocolURL) { -// this.requestedProtocolURL = requestedProtocolURL; -// } - + + // public String getRequestedProtocolURL() { + // return requestedProtocolURL; + // } + // + // public void setRequestedProtocolURL(String requestedProtocolURL) { + // this.requestedProtocolURL = requestedProtocolURL; + // } + /** * Constructor for AuthenticationSession. * @@ -339,14 +334,15 @@ public class AuthenticationSession implements Serializable { */ public AuthenticationSession(String id) { sessionID = id; -// setTimestampStart(); + // setTimestampStart(); infoboxValidators = new ArrayList(); } - - public X509Certificate getSignerCertificate(){ + + public X509Certificate getSignerCertificate() { try { return new X509Certificate(signerCertificate); - } catch (CertificateException e) { + } + catch (CertificateException e) { Logger.warn("Signer certificate can not be loaded from session database!", e); return null; } @@ -355,15 +351,16 @@ public class AuthenticationSession implements Serializable { public byte[] getEncodedSignerCertificate() { return this.signerCertificate; } - + public void setSignerCertificate(X509Certificate signerCertificate) { try { this.signerCertificate = signerCertificate.getEncoded(); - } catch (CertificateEncodingException e) { + } + catch (CertificateEncodingException e) { Logger.warn("Signer certificate can not be stored to session database!", e); } } - + /** * Returns the identityLink. * @@ -372,7 +369,7 @@ public class AuthenticationSession implements Serializable { public IdentityLink getIdentityLink() { return identityLink; } - + /** * Returns the sessionID. * @@ -381,7 +378,7 @@ public class AuthenticationSession implements Serializable { public String getSessionID() { return sessionID; } - + /** * Sets the identityLink. * @@ -391,7 +388,7 @@ public class AuthenticationSession implements Serializable { public void setIdentityLink(IdentityLink identityLink) { this.identityLink = identityLink; } - + /** * Sets the sessionID. * @@ -401,7 +398,7 @@ public class AuthenticationSession implements Serializable { public void setSessionID(String sessionId) { this.sessionID = sessionId; } - + /** * Returns the oaURLRequested. * @@ -410,7 +407,7 @@ public class AuthenticationSession implements Serializable { public String getOAURLRequested() { return oaURLRequested; } - + /** * Returns the oaURLRequested. * @@ -419,7 +416,7 @@ public class AuthenticationSession implements Serializable { public String getPublicOAURLPrefix() { return oaPublicURLPrefix; } - + /** * Returns the BKU URL. * @@ -428,7 +425,7 @@ public class AuthenticationSession implements Serializable { public String getBkuURL() { return bkuURL; } - + /** * Returns the target. * @@ -437,7 +434,7 @@ public class AuthenticationSession implements Serializable { public String getTarget() { return target; } - + /** * Returns the sourceID. * @@ -446,7 +443,7 @@ public class AuthenticationSession implements Serializable { public String getSourceID() { return sourceID; } - + /** * Returns the target friendly name. * @@ -455,7 +452,7 @@ public class AuthenticationSession implements Serializable { public String getTargetFriendlyName() { return targetFriendlyName; } - + /** * Sets the oaURLRequested. * @@ -465,7 +462,7 @@ public class AuthenticationSession implements Serializable { public void setOAURLRequested(String oaURLRequested) { this.oaURLRequested = oaURLRequested; } - + /** * Sets the oaPublicURLPrefix * @@ -475,7 +472,7 @@ public class AuthenticationSession implements Serializable { public void setPublicOAURLPrefix(String oaPublicURLPrefix) { this.oaPublicURLPrefix = oaPublicURLPrefix; } - + /** * Sets the bkuURL * @@ -485,10 +482,9 @@ public class AuthenticationSession implements Serializable { public void setBkuURL(String bkuURL) { this.bkuURL = bkuURL; } - + /** - * Sets the target. If the target includes the target prefix, the prefix - * will be stripped off. + * Sets the target. If the target includes the target prefix, the prefix will be stripped off. * * @param target * The target to set @@ -498,13 +494,12 @@ public class AuthenticationSession implements Serializable { // If target starts with prefix "urn:publicid:gv.at:cdid+"; remove // prefix this.target = target.substring(TARGET_PREFIX_.length()); - Logger.debug("Target prefix stripped off; resulting target: " - + this.target); + Logger.debug("Target prefix stripped off; resulting target: " + this.target); } else { this.target = target; } } - + /** * Sets the sourceID * @@ -514,10 +509,9 @@ public class AuthenticationSession implements Serializable { public void setSourceID(String sourceID) { this.sourceID = sourceID; } - + /** - * Sets the target. If the target includes the target prefix, the prefix - * will be stripped off. + * Sets the target. If the target includes the target prefix, the prefix will be stripped off. * * @param target * The target to set @@ -525,7 +519,7 @@ public class AuthenticationSession implements Serializable { public void setTargetFriendlyName(String targetFriendlyName) { this.targetFriendlyName = targetFriendlyName; } - + /** * Returns the authURL. * @@ -534,7 +528,7 @@ public class AuthenticationSession implements Serializable { public String getAuthURL() { return authURL; } - + /** * Sets the authURL. * @@ -544,7 +538,7 @@ public class AuthenticationSession implements Serializable { public void setAuthURL(String authURL) { this.authURL = authURL; } - + /** * Returns the authBlock. * @@ -553,7 +547,7 @@ public class AuthenticationSession implements Serializable { public String getAuthBlock() { return authBlock; } - + /** * Sets the authBlock. * @@ -563,26 +557,17 @@ public class AuthenticationSession implements Serializable { public void setAuthBlock(String authBlock) { this.authBlock = authBlock; } - - /** - * Returns the timestampIdentityLink. - * - * @return Date - */ - public Date getTimestampIdentityLink() { - return timestampIdentityLink; - } - + /** * Returns the businessService. * - * @return <code>true</code> if the corresponding online application is a - * business application, otherwise <code>false</code> + * @return <code>true</code> if the corresponding online application is a business application, + * otherwise <code>false</code> */ public boolean getBusinessService() { return businessService; } - + /** * Sets the businessService variable. * @@ -592,37 +577,14 @@ public class AuthenticationSession implements Serializable { public void setBusinessService(boolean businessService) { this.businessService = businessService; } - -// /** -// * Returns the timestampStart. -// * -// * @return Date -// */ -// public Date getTimestampStart() { -// return timestampStart; -// } - - /** - * Sets the current date as timestampIdentityLink. - */ - public void setTimestampIdentityLink() { - timestampIdentityLink = new Date(); - } - -// /** -// * Sets the current date as timestampStart. -// */ -// public void setTimestampStart() { -// timestampStart = new Date(); -// } - + /** * @return template URL */ public String getTemplateURL() { return templateURL; } - + /** * @param string * the template URL @@ -630,74 +592,74 @@ public class AuthenticationSession implements Serializable { public void setTemplateURL(String string) { templateURL = string; } - + /** - * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe - * <code>null</code>. + * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. * - * @return The SAML Attributes to be appended to the AUTHBlock. Maybe - * <code>null</code>. + * @return The SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. */ - public List getExtendedSAMLAttributesAUTH() { + public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesAUTH() { + if (extendedSAMLAttributesAUTH == null) extendedSAMLAttributesAUTH = new ArrayList<ExtendedSAMLAttribute>(); + return extendedSAMLAttributesAUTH; } - + /** * Sets the SAML Attributes to be appended to the AUTHBlock. * * @param extendedSAMLAttributesAUTH * The SAML Attributes to be appended to the AUTHBlock. */ - public void setExtendedSAMLAttributesAUTH(List extendedSAMLAttributesAUTH) { + public void setExtendedSAMLAttributesAUTH(List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH) { this.extendedSAMLAttributesAUTH = extendedSAMLAttributesAUTH; } - + /** - * Returns the SAML Attributes to be appended to the SAML assertion - * delivered to the online application. Maybe <code>null</code>. + * Returns the SAML Attributes to be appended to the SAML assertion delivered to the online + * application. Maybe <code>null</code>. * - * @return The SAML Attributes to be appended to the SAML assertion - * delivered to the online application + * @return The SAML Attributes to be appended to the SAML assertion delivered to the online + * application */ - public List getExtendedSAMLAttributesOA() { + public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesOA() { return extendedSAMLAttributesOA; } - + /** - * Sets the SAML Attributes to be appended to the SAML assertion delivered - * to the online application. + * Sets the SAML Attributes to be appended to the SAML assertion delivered to the online + * application. * * @param extendedSAMLAttributesOA - * The SAML Attributes to be appended to the SAML assertion - * delivered to the online application. + * The SAML Attributes to be appended to the SAML assertion delivered to the online + * application. */ - public void setExtendedSAMLAttributesOA(List extendedSAMLAttributesOA) { + public void setExtendedSAMLAttributesOA(List<ExtendedSAMLAttribute> extendedSAMLAttributesOA) { this.extendedSAMLAttributesOA = extendedSAMLAttributesOA; } - + /** - * Returns the boolean value for either a target or a wbPK is provided as - * SAML Attribute in the SAML Assertion or not. + * Returns the boolean value for either a target or a wbPK is provided as SAML Attribute in the + * SAML Assertion or not. * - * @return true either a target or a wbPK is provided as SAML Attribute in - * the SAML Assertion or false if not. + * @return true either a target or a wbPK is provided as SAML Attribute in the SAML Assertion or + * false if not. */ public boolean getSAMLAttributeGebeORwbpk() { return this.samlAttributeGebeORwbpk; } - + /** - * Sets the boolean value for either a target or a wbPK is provided as SAML - * Attribute in the SAML Assertion or not. + * Sets the boolean value for either a target or a wbPK is provided as SAML Attribute in the + * SAML Assertion or not. * * @param samlAttributeGebeORwbpk - * The boolean for value either a target or wbPK is provided as - * SAML Attribute in the SAML Assertion or not. + * The boolean for value either a target or wbPK is provided as SAML Attribute in the + * SAML Assertion or not. */ public void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk) { this.samlAttributeGebeORwbpk = samlAttributeGebeORwbpk; } - + /** * Returns the issuing time of the AUTH-Block SAML assertion. * @@ -706,7 +668,7 @@ public class AuthenticationSession implements Serializable { public String getIssueInstant() { return issueInstant; } - + /** * Sets the issuing time of the AUTH-Block SAML assertion. * @@ -716,40 +678,39 @@ public class AuthenticationSession implements Serializable { public void setIssueInstant(String issueInstant) { this.issueInstant = issueInstant; } - + /** * Returns the iterator to the stored infobox validators. * * @return Iterator */ public Iterator getInfoboxValidatorIterator() { - if (infoboxValidators == null) - return null; - return infoboxValidators.iterator(); - } - - /** - * Adds an infobox validator class to the stored infobox validators. - * - * @param infoboxIdentifier - * the identifier of the infobox the validator belongs to - * @param infoboxFriendlyName - * the friendly name of the infobox - * @param infoboxValidator - * the infobox validator to add - */ - public Iterator addInfoboxValidator(String infoboxIdentifier, - String infoboxFriendlyName, InfoboxValidator infoboxValidator) { - if (infoboxValidators == null) - infoboxValidators = new ArrayList(); - Vector v = new Vector(3); - v.add(infoboxIdentifier); - v.add(infoboxFriendlyName); - v.add(infoboxValidator); - infoboxValidators.add(v); + if (infoboxValidators == null) return null; return infoboxValidators.iterator(); } - + + // /** + // * Adds an infobox validator class to the stored infobox validators. + // * + // * @param infoboxIdentifier + // * the identifier of the infobox the validator belongs to + // * @param infoboxFriendlyName + // * the friendly name of the infobox + // * @param infoboxValidator + // * the infobox validator to add + // */ + // public Iterator addInfoboxValidator(String infoboxIdentifier, + // String infoboxFriendlyName, InfoboxValidator infoboxValidator) { + // if (infoboxValidators == null) + // infoboxValidators = new ArrayList(); + // Vector v = new Vector(3); + // v.add(infoboxIdentifier); + // v.add(infoboxFriendlyName); + // v.add(infoboxValidator); + // infoboxValidators.add(v); + // return infoboxValidators.iterator(); + // } + /** * Tests for pending input events of the infobox validators. * @@ -761,100 +722,94 @@ public class AuthenticationSession implements Serializable { if (iter != null) { while (!result && iter.hasNext()) { Vector infoboxValidatorVector = (Vector) iter.next(); - InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - .get(2); - if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) - result = true; + InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2); + if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) result = true; } } return result; } - - /** - * Returns the first pending infobox validator. - * - * @return the infobox validator class - */ - public InfoboxValidator getFirstPendingValidator() { - Iterator iter = getInfoboxValidatorIterator(); - if (iter != null) { - while (iter.hasNext()) { - Vector infoboxValidatorVector = (Vector) iter.next(); - InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - .get(2); - String form = infoboxvalidator.getForm(); - if (!ParepUtils.isEmpty(form)) - return infoboxvalidator; - } - } - return null; - } - - /** - * Returns the input form of the first pending infobox validator input - * processor. - * - * @return the form to show - */ - public String getFirstValidatorInputForm() { - Iterator iter = getInfoboxValidatorIterator(); - if (iter != null) { - while (iter.hasNext()) { - Vector infoboxValidatorVector = (Vector) iter.next(); - InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - .get(2); - String form = infoboxvalidator.getForm(); - if (!ParepUtils.isEmpty(form)) - return form; - } - } - return null; - } - - /** - * Returns domain identifier (the register and number in the register - * parameter). <code>null</code> in the case of not a business service. + + // /** + // * Returns the first pending infobox validator. + // * + // * @return the infobox validator class + // */ + // public InfoboxValidator getFirstPendingValidator() { + // Iterator iter = getInfoboxValidatorIterator(); + // if (iter != null) { + // while (iter.hasNext()) { + // Vector infoboxValidatorVector = (Vector) iter.next(); + // InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector + // .get(2); + // String form = infoboxvalidator.getForm(); + // if (!ParepUtils.isEmpty(form)) + // return infoboxvalidator; + // } + // } + // return null; + // } + + // /** + // * Returns the input form of the first pending infobox validator input + // * processor. + // * + // * @return the form to show + // */ + // public String getFirstValidatorInputForm() { + // Iterator iter = getInfoboxValidatorIterator(); + // if (iter != null) { + // while (iter.hasNext()) { + // Vector infoboxValidatorVector = (Vector) iter.next(); + // InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector + // .get(2); + // String form = infoboxvalidator.getForm(); + // if (!ParepUtils.isEmpty(form)) + // return form; + // } + // } + // return null; + // } + + /** + * Returns domain identifier (the register and number in the register parameter). + * <code>null</code> in the case of not a business service. * * @return the domainIdentifier */ public String getDomainIdentifier() { return domainIdentifier; } - + /** - * Sets the register and number in the register parameter if the application - * is a business service. If the domain identifier includes the - * registerAndOrdNr prefix, the prefix will be stripped off. + * Sets the register and number in the register parameter if the application is a business + * service. If the domain identifier includes the registerAndOrdNr prefix, the prefix will be + * stripped off. * * @param domainIdentifier * the domain identifier to set */ public void setDomainIdentifier(String domainIdentifier) { - if (domainIdentifier != null - && domainIdentifier.startsWith(REGISTERANDORDNR_PREFIX_)) { + if (domainIdentifier != null && domainIdentifier.startsWith(REGISTERANDORDNR_PREFIX_)) { // If domainIdentifier starts with prefix // "urn:publicid:gv.at:wbpk+"; remove this prefix - this.domainIdentifier = domainIdentifier - .substring(REGISTERANDORDNR_PREFIX_.length()); - Logger.debug("Register and ordernumber prefix stripped off; resulting register string: " - + this.domainIdentifier); + this.domainIdentifier = domainIdentifier.substring(REGISTERANDORDNR_PREFIX_.length()); + Logger.debug("Register and ordernumber prefix stripped off; resulting register string: " + this.domainIdentifier); } else { this.domainIdentifier = domainIdentifier; } } - + /** - * Gets all identifiers of infoboxes, the online application is configured - * to accept. The infobox identifiers are comma separated. + * Gets all identifiers of infoboxes, the online application is configured to accept. The + * infobox identifiers are comma separated. * * @return the string containing infobox identifiers */ public String getPushInfobox() { - if (pushInfobox == null) - return ""; + if (pushInfobox == null) return ""; return pushInfobox; } - + /** * @param pushInfobox * the infobox identifiers to set (comma separated) @@ -862,7 +817,7 @@ public class AuthenticationSession implements Serializable { public void setPushInfobox(String pushInfobox) { this.pushInfobox = pushInfobox; } - + /** * * @param useMandate @@ -873,9 +828,9 @@ public class AuthenticationSession implements Serializable { this.useMandate = true; else this.useMandate = false; - + } - + /** * Returns if mandate is used or not * @@ -884,26 +839,7 @@ public class AuthenticationSession implements Serializable { public boolean getUseMandate() { return this.useMandate; } - -// /** -// * -// * @param useTargetFromConfig -// * indicates if target from config is used or not -// */ -// public void setUseTargetFromConfig(boolean useTargetFromConfig) { -// this.useTargetFromConfig = useTargetFromConfig; -// -// } -// -// /** -// * Returns if target is used from mandate or not -// * -// * @return -// */ -// public boolean getUseTargetFromConfig() { -// return this.useTargetFromConfig; -// } - + /** * * @param misSessionID @@ -912,7 +848,7 @@ public class AuthenticationSession implements Serializable { public void setMISSessionID(String misSessionID) { this.misSessionID = misSessionID; } - + /** * Returns the MIS session ID * @@ -921,105 +857,14 @@ public class AuthenticationSession implements Serializable { public String getMISSessionID() { return this.misSessionID; } - -// /** -// * @return the assertionAuthData -// */ -// public AuthenticationData getAssertionAuthData() { -// return assertionAuthData; -// } -// -// /** -// * @param assertionAuthData -// * the assertionAuthData to set -// */ -// public void setAssertionAuthData(AuthenticationData assertionAuthData) { -// this.assertionAuthData = assertionAuthData; -// } -// -// /** -// * @return the assertionPrPerson -// */ -// public String getAssertionPrPerson() { -// return assertionPrPerson; -// } -// -// /** -// * @param assertionPrPerson -// * the assertionPrPerson to set -// */ -// public void setAssertionPrPerson(String assertionPrPerson) { -// this.assertionPrPerson = assertionPrPerson; -// } -// -// /** -// * @return the assertionAuthBlock -// */ -// public String getAssertionAuthBlock() { -// return assertionAuthBlock; -// } -// -// /** -// * @param assertionAuthBlock -// * the assertionAuthBlock to set -// */ -// public void setAssertionAuthBlock(String assertionAuthBlock) { -// this.assertionAuthBlock = assertionAuthBlock; -// } -// -// /** -// * @return the assertionIlAssertion -// */ -// public String getAssertionIlAssertion() { -// return assertionIlAssertion; -// } -// -// /** -// * @param assertionIlAssertion -// * the assertionIlAssertion to set -// */ -// public void setAssertionIlAssertion(String assertionIlAssertion) { -// this.assertionIlAssertion = assertionIlAssertion; -// } -// -// /** -// * @return the assertionSignerCertificateBase64 -// */ -// public String getAssertionSignerCertificateBase64() { -// return assertionSignerCertificateBase64; -// } -// -// /** -// * @param assertionSignerCertificateBase64 -// * the assertionSignerCertificateBase64 to set -// */ -// public void setAssertionSignerCertificateBase64( -// String assertionSignerCertificateBase64) { -// this.assertionSignerCertificateBase64 = assertionSignerCertificateBase64; -// } -// -// /** -// * @return the assertionBusinessService -// */ -// public boolean getAssertionBusinessService() { -// return assertionBusinessService; -// } -// -// /** -// * @param assertionBusinessService -// * the assertionBusinessService to set -// */ -// public void setAssertionBusinessService(boolean assertionBusinessService) { -// this.assertionBusinessService = assertionBusinessService; -// } - + /** * @return the mandateReferenceValue */ public String getMandateReferenceValue() { return mandateReferenceValue; } - + /** * @param mandateReferenceValue * the mandateReferenceValue to set @@ -1027,7 +872,7 @@ public class AuthenticationSession implements Serializable { public void setMandateReferenceValue(String mandateReferenceValue) { this.mandateReferenceValue = mandateReferenceValue; } - + /** * Gets the STORK SAML AuthnRequest * @@ -1036,7 +881,7 @@ public class AuthenticationSession implements Serializable { public STORKAuthnRequest getStorkAuthnRequest() { return storkAuthnRequest; } - + /** * Sets the STORK SAML AuthnRequest * @@ -1046,45 +891,35 @@ public class AuthenticationSession implements Serializable { public void setStorkAuthnRequest(STORKAuthnRequest storkAuthnRequest) { this.storkAuthnRequest = storkAuthnRequest; } - + public String getCcc() { return ccc; } - + public void setCcc(String ccc) { this.ccc = ccc; } - - -// public CreateXMLSignatureResponse getXMLCreateSignatureResponse() { -// return XMLCreateSignatureResponse; -// } -// -// public void setXMLCreateSignatureResponse(CreateXMLSignatureResponse xMLCreateSignatureResponse) { -// XMLCreateSignatureResponse = xMLCreateSignatureResponse; -// } - public boolean isForeigner() { return isForeigner; } - + public void setForeigner(boolean isForeigner) { this.isForeigner = isForeigner; } - + public VerifyXMLSignatureResponse getXMLVerifySignatureResponse() { return XMLVerifySignatureResponse; } - + public void setXMLVerifySignatureResponse(VerifyXMLSignatureResponse xMLVerifySignatureResponse) { XMLVerifySignatureResponse = xMLVerifySignatureResponse; } - + public MISMandate getMISMandate() { return mandate; } - + public void setMISMandate(MISMandate mandate) { this.mandate = mandate; } @@ -1093,44 +928,75 @@ public class AuthenticationSession implements Serializable { try { byte[] byteMandate = mandate.getMandate(); String stringMandate = new String(byteMandate); - return DOMUtils.parseDocument(stringMandate, false, - null, null).getDocumentElement(); + return DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement(); - }catch (Throwable e) { + } + catch (Throwable e) { Logger.warn("Mandate content could not be generated from MISMandate."); return null; - } + } } - + /** * @return the ssoRequested */ - //TODO: SSO only allowed without mandates, actually!!!!!! + // TODO: SSO only allowed without mandates, actually!!!!!! public boolean isSsoRequested() { return ssoRequested && !useMandate; } - + /** - * @param ssoRequested the ssoRequested to set + * @param ssoRequested + * the ssoRequested to set */ public void setSsoRequested(boolean ssoRequested) { this.ssoRequested = ssoRequested; } - + /** * @return the isOW */ public boolean isOW() { return isOW; } - + /** - * @param isOW the isOW to set + * @param isOW + * the isOW to set */ public void setOW(boolean isOW) { this.isOW = isOW; } + /** + * @return the authBlockTokken + */ + public String getAuthBlockTokken() { + return authBlockTokken; + } + + /** + * @param authBlockTokken + * the authBlockTokken to set + */ + public void setAuthBlockTokken(String authBlockTokken) { + this.authBlockTokken = authBlockTokken; + } + + /** +// * @return the oAuth20SessionObject +// */ +// public OAuth20SessionObject getoAuth20SessionObject() { +// return oAuth20SessionObject; +// } +// +// /** +// * @param oAuth20SessionObject +// * the oAuth20SessionObject to set +// */ +// public void setoAuth20SessionObject(OAuth20SessionObject oAuth20SessionObject) { +// this.oAuth20SessionObject = oAuth20SessionObject; +// } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java index b204b629a..4f539caf4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttribute.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttribute.java index 23d526d2d..e1755615b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttribute.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttribute.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java index 7523d7eaf..c7fa58eaf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java index b03f23ce4..78f1e14f0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxToken.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxToken.java index a0f032bad..95a492216 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxToken.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxToken.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxTokenImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxTokenImpl.java index b7e0a8e6c..0791e4938 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxTokenImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxTokenImpl.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java index e79e41515..e9a278d0f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java index 12643939e..0ba17eb2f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java index a4c73cb88..26484c138 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java index d612313f1..025383e7e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java index 9b809ac18..bb33c9030 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/Schema.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/Schema.java index f329be79b..3c3b9589e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/Schema.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/Schema.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/SchemaImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/SchemaImpl.java index 5c1d448a1..2f42ae98a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/SchemaImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/SchemaImpl.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java index ed54683ca..6cf1de319 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/AuthenticationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/AuthenticationException.java new file mode 100644 index 000000000..31a3e38dc --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/AuthenticationException.java @@ -0,0 +1,81 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.exception; + + +/** + * Exception thrown during handling of AuthenticationSession + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class AuthenticationException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 263160314137775182L; +/** + * Constructor for AuthenticationException. + * @param messageId + */ + public AuthenticationException(String messageId, Object[] parameters) { + super(messageId, parameters, null); + } + /** + * Constructor for AuthenticationException. + * @param messageId + * @param parameters + * @param wrapped + */ + public AuthenticationException( + String messageId, + Object[] parameters, + Throwable wrapped) { + super(messageId, parameters, wrapped); + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java new file mode 100644 index 000000000..f1d3b078e --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java @@ -0,0 +1,67 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +package at.gv.egovernment.moa.id.auth.exception; + +public class BKUException extends MOAIDException { + + private static final long serialVersionUID = -4646544256490397419L; + + private String bkuErrorCode; + private String bkuErrorMessage; + + public BKUException(String messageId, Object[] parameters) { + super(messageId, parameters); + + } + + + public BKUException(String messageId, Object[] parameters, Throwable wrapped) { + super(messageId, parameters, wrapped); + } + + public BKUException(String messageId, Object[] parameters, + String bkuErrorCode, String bkuErrorMessage) { + super(messageId, parameters); + + this.bkuErrorCode = bkuErrorCode; + this.bkuErrorMessage = bkuErrorMessage; + } + + + /** + * @return the bkuErrorCode + */ + public String getBkuErrorCode() { + return bkuErrorCode; + } + + + /** + * @return the bkuErrorMessage + */ + public String getBkuErrorMessage() { + return bkuErrorMessage; + } + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BuildException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BuildException.java new file mode 100644 index 000000000..155a18f15 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BuildException.java @@ -0,0 +1,85 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.exception; + + +/** + * Exception thrown while building an XML or HTML structure. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class BuildException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 5485716047459933845L; + +/** + * Constructor for BuildException. + * @param messageId + * @param parameters + */ + public BuildException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + /** + * Constructor for BuildException. + * @param messageId + * @param parameters + * @param wrapped + */ + public BuildException( + String messageId, + Object[] parameters, + Throwable wrapped) { + super(messageId, parameters, wrapped); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ECDSAConverterException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ECDSAConverterException.java new file mode 100644 index 000000000..2b277736d --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ECDSAConverterException.java @@ -0,0 +1,85 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.exception; + + +/** + * Exception thrown while converting ECDSAKeys from/to an XML structure. + * + * @author Rudolf Schamberger + * @version $Id$ + */ +public class ECDSAConverterException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 4410043097831285005L; + +/** + * Constructor for ECDSAConverterException. + * @param messageId + * @param parameters + */ + public ECDSAConverterException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + /** + * Constructor for ECDSAConverterException. + * @param messageId + * @param parameters + * @param wrapped + */ + public ECDSAConverterException( + String messageId, + Object[] parameters, + Throwable wrapped) { + super(messageId, parameters, wrapped); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java new file mode 100644 index 000000000..e26ab6597 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java @@ -0,0 +1,94 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.id.auth.exception;
+
+public class MISSimpleClientException extends MOAIDException {
+
+ private static final long serialVersionUID = 1L;
+
+ private String misErrorCode;
+ private String misErrorMessage;
+
+ public MISSimpleClientException() {
+ super("UNDEFINED ERROR", null);
+ }
+
+ public MISSimpleClientException(String message) {
+ super(message, null);
+ this.misErrorMessage = message;
+ }
+
+ public MISSimpleClientException(String message, String code, String text) {
+ super(message, null);
+ this.misErrorMessage = text;
+ this.misErrorCode = code;
+ }
+
+ public MISSimpleClientException(Throwable cause) {
+ super("UNDEFINED ERROR", null, cause);
+ }
+
+ public MISSimpleClientException(String message, Throwable cause) {
+ super(message, null, cause);
+ this.misErrorMessage = message;
+ }
+
+ /**
+ * @return the bkuErrorCode
+ */
+ public String getMISErrorCode() {
+ return misErrorCode;
+ }
+
+
+ /**
+ * @return the bkuErrorMessage
+ */
+ public String getMISErrorMessage() {
+ return misErrorMessage;
+ }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIDException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIDException.java new file mode 100644 index 000000000..165fee599 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIDException.java @@ -0,0 +1,209 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.exception; + +import java.io.PrintStream; +import java.io.PrintWriter; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.w3c.dom.DOMImplementation; +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import at.gv.egovernment.moa.util.Constants; + +/** + * Base class of technical MOA exceptions. + * + * Technical exceptions are exceptions that originate from system failure (e.g., + * a database connection fails, a component is not available, etc.) + * + * @author Patrick Peck, Ivancsics Paul + * @version $Id$ + */ +public class MOAIDException extends Exception { + /** + * + */ + private static final long serialVersionUID = -1507246171708083912L; +/** message ID */ + private String messageId; + /** wrapped exception */ + private Throwable wrapped; + + /** + * Create a new <code>MOAIDException</code>. + * + * @param messageId The identifier of the message associated with this + * exception. + * @param parameters Additional message parameters. + */ + public MOAIDException(String messageId, Object[] parameters) { + super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); + this.messageId = messageId; + } + + /** + * Create a new <code>MOAIDException</code>. + * + * @param messageId The identifier of the message associated with this + * <code>MOAIDException</code>. + * @param parameters Additional message parameters. + * @param wrapped The exception wrapped by this + * <code>MOAIDException</code>. + */ + public MOAIDException( + String messageId, + Object[] parameters, + Throwable wrapped) { + + super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); + this.messageId = messageId; + this.wrapped = wrapped; + } + + /** + * Print a stack trace of this exception to <code>System.err</code>. + * + * @see java.lang.Throwable#printStackTrace() + */ + public void printStackTrace() { + printStackTrace(System.err); + } + + /** + * Print a stack trace of this exception, including the wrapped exception. + * + * @param s The stream to write the stack trace to. + * @see java.lang.Throwable#printStackTrace(java.io.PrintStream) + */ + public void printStackTrace(PrintStream s) { + if (getWrapped() == null) + super.printStackTrace(s); + else { + s.print("Root exception: "); + getWrapped().printStackTrace(s); + } + } + + /** + * Print a stack trace of this exception, including the wrapped exception. + * + * @param s The stream to write the stacktrace to. + * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter) + */ + public void printStackTrace(PrintWriter s) { + if (getWrapped() == null) + super.printStackTrace(s); + else { + s.print("Root exception: "); + getWrapped().printStackTrace(s); + } + } + + /** + * @return message ID + */ + public String getMessageId() { + return messageId; + } + + /** + * @return wrapped exception + */ + public Throwable getWrapped() { + return wrapped; + } + + /** + * Convert this <code>MOAIDException</code> to an <code>ErrorResponse</code> + * element from the MOA namespace. + * + * @return An <code>ErrorResponse</code> element, containing the subelements + * <code>ErrorCode</code> and <code>Info</code> required by the MOA schema. + */ + public Element toErrorResponse() { + DocumentBuilder builder; + DOMImplementation impl; + Document doc; + Element errorResponse; + Element errorCode; + Element info; + + // create a new document + try { + builder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); + impl = builder.getDOMImplementation(); + } catch (ParserConfigurationException e) { + return null; + } + + // build the ErrorResponse element + doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null); + errorResponse = doc.getDocumentElement(); + + // add MOA namespace declaration + errorResponse.setAttributeNS( + Constants.XMLNS_NS_URI, + "xmlns", + Constants.MOA_NS_URI); + + // build the child elements + errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode"); + errorCode.appendChild(doc.createTextNode(messageId)); + info = doc.createElementNS(Constants.MOA_NS_URI, "Info"); + info.appendChild(doc.createTextNode(toString())); + errorResponse.appendChild(errorCode); + errorResponse.appendChild(info); + return errorResponse; + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOASPException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOASPException.java new file mode 100644 index 000000000..42fa5c6a7 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOASPException.java @@ -0,0 +1,67 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +package at.gv.egovernment.moa.id.auth.exception; + +public class MOASPException extends MOAIDException { + + private static final long serialVersionUID = -4646544256490397419L; + + private String moaSPErrorCode; + private String moaSPErrorMessage; + + public MOASPException(String messageId, Object[] parameters) { + super(messageId, parameters); + + } + + + public MOASPException(String messageId, Object[] parameters, Throwable wrapped) { + super(messageId, parameters, wrapped); + } + + public MOASPException(String messageId, Object[] parameters, Throwable wrapped, + String moaSPErrorCode, String moaSPErrorMessage) { + super(messageId, parameters, wrapped); + + this.moaSPErrorCode = moaSPErrorCode; + this.moaSPErrorMessage = moaSPErrorMessage; + } + + + /** + * @return the bkuErrorCode + */ + public String getMOASPErrorCode() { + return moaSPErrorCode; + } + + + /** + * @return the bkuErrorMessage + */ + public String getMOASPErrorMessage() { + return moaSPErrorMessage; + } + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ParseException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ParseException.java new file mode 100644 index 000000000..83d0a398b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ParseException.java @@ -0,0 +1,85 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.exception; + + +/** + * Exception thrown while parsing an XML structure. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class ParseException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = -1057863353991948754L; + +/** + * Constructor for ParseException. + * @param messageId + * @param parameters + */ + public ParseException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + /** + * Constructor for ParseException. + * @param messageId + * @param parameters + * @param wrapped + */ + public ParseException( + String messageId, + Object[] parameters, + Throwable wrapped) { + super(messageId, parameters, wrapped); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ServiceException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ServiceException.java new file mode 100644 index 000000000..3bdf8f743 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ServiceException.java @@ -0,0 +1,85 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.exception; + + +/** + * Exception thrown while calling the MOA-SPSS web service. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class ServiceException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 30082718911952186L; + +/** + * Constructor for ServiceException. + * @param messageId + * @param parameters + */ + public ServiceException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + /** + * Constructor for ServiceException. + * @param messageId + * @param parameters + * @param wrapped + */ + public ServiceException( + String messageId, + Object[] parameters, + Throwable wrapped) { + super(messageId, parameters, wrapped); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/ValidateException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ValidateException.java index 7ac3a15dd..0385352d2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/ValidateException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ValidateException.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -22,9 +44,8 @@ */ -package at.gv.egovernment.moa.id.auth.validator; +package at.gv.egovernment.moa.id.auth.exception; -import at.gv.egovernment.moa.id.MOAIDException; /** * Exception thrown while validating an incoming XML structure diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/WrongParametersException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/WrongParametersException.java index d98c944de..895a2aeef 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/WrongParametersException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/WrongParametersException.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -22,9 +44,8 @@ */ -package at.gv.egovernment.moa.id.auth; +package at.gv.egovernment.moa.id.auth.exception; -import at.gv.egovernment.moa.id.MOAIDException; /** * Exception thrown when the <code>AuthenticationServer</code> API is diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java index f6c5a14d8..d6d22fe4a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -35,7 +57,7 @@ import org.apache.axis.message.SOAPBodyElement; import org.w3c.dom.Document; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.ServiceException; +import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.logging.Logger; @@ -113,4 +135,4 @@ public class SignatureVerificationInvoker { } } } -}
\ No newline at end of file +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java index 1624a59c0..b39cf9e9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -25,21 +47,19 @@ package at.gv.egovernment.moa.id.auth.parser; import java.io.ByteArrayInputStream; -import java.io.IOException; import java.io.InputStream; import java.util.ArrayList; import java.util.List; -import javax.xml.transform.TransformerException; - import org.w3c.dom.Element; import org.w3c.dom.NodeList; import org.w3c.dom.traversal.NodeIterator; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.BKUException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; @@ -84,13 +104,18 @@ public class CreateXMLSignatureResponseParser { * * @throws AuthenticationException if any authentication error occurs * @throws ParseException if an element cannot be parsed + * @throws */ - public CreateXMLSignatureResponseParser(String xmlResponse) throws AuthenticationException, ParseException { + public CreateXMLSignatureResponseParser(String xmlResponse) throws AuthenticationException, ParseException, BKUException{ try { InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8")); init(s); } - catch (Throwable t) { + + catch (BKUException e) { + throw e; + + } catch (Throwable t) { throw new ParseException("parser.01", new Object[] { t.toString()}, t); } } @@ -103,8 +128,9 @@ public class CreateXMLSignatureResponseParser { * * @throws AuthenticationException If any authentication error occurs * @throws ParseException If an element cannot be parsed + * @throws BKUException */ - public CreateXMLSignatureResponseParser(InputStream is) throws AuthenticationException, ParseException { + public CreateXMLSignatureResponseParser(InputStream is) throws AuthenticationException, ParseException, BKUException { init(is); } @@ -125,8 +151,9 @@ public class CreateXMLSignatureResponseParser { * @param is The CreateXMLSignatureResponse as stream. * @throws AuthenticationException if an authentication error occurs. * @throws ParseException If an error occurs on parsing the the document. + * @throws BKUException */ - private void init(InputStream is) throws AuthenticationException, ParseException { + private void init(InputStream is) throws AuthenticationException, ParseException, BKUException { try { Element responseElem = DOMUtils.parseXmlValidating(is); @@ -135,10 +162,16 @@ public class CreateXMLSignatureResponseParser { sigResponse_ = responseElem; } else { ErrorResponseParser erp = new ErrorResponseParser(responseElem); - throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()}); + throw new BKUException("auth.08", + new Object[] { erp.getErrorCode(), erp.getErrorInfo()}, + erp.getErrorCode(), + erp.getErrorInfo()); } - } catch (Throwable t) { + } catch (BKUException e) { + throw e; + + } catch (Throwable t) { throw new ParseException("parser.01", new Object[] { t.toString()}, t); } } @@ -186,7 +219,7 @@ public class CreateXMLSignatureResponseParser { cResp.setSamlAssertion((Element) XPathUtils.selectSingleNode(sigResponse_, "/" + slPrefix + SAML_ASSERTION_XPATH)); NodeIterator attrIter = XPathUtils.selectNodeIterator(sigResponse_, "/" + slPrefix + SAML_ATTRIBUTE_XPATH); Element samlAttr; - List samlAttributes = new ArrayList(); + List<SAMLAttribute> samlAttributes = new ArrayList<SAMLAttribute>(); while ((samlAttr = (Element) attrIter.nextNode()) != null) { String attrName = XPathUtils.getAttributeValue(samlAttr, "@AttributeName", ""); String attrNamespace = XPathUtils.getAttributeValue(samlAttr, "@AttributeNamespace", ""); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java index 9b95edc77..a09f0a2a8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -27,7 +49,7 @@ package at.gv.egovernment.moa.id.auth.parser; import org.w3c.dom.Element; import org.w3c.dom.NodeList; -import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; /** * Parses an <code><ErrorResponse></code>. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java index 6dff65616..390467bf8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -31,9 +53,9 @@ import java.util.Vector; import org.w3c.dom.Document; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.InfoboxToken; import at.gv.egovernment.moa.id.auth.data.InfoboxTokenImpl; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java index a468caf73..ab4a91df9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -36,9 +58,9 @@ import java.util.List; import org.w3c.dom.Element; import org.w3c.dom.traversal.NodeIterator; -import at.gv.egovernment.moa.id.ECDSAConverterException; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.ECDSAConverterException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.util.ECDSAKeyValueConverter; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java index 760df649d..28ce69e95 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -40,9 +62,10 @@ import org.apache.xpath.XPathAPI; import org.w3c.dom.Document; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.BKUException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; @@ -66,14 +89,19 @@ public class InfoboxReadResponseParser { * @param xmlResponse <code><InfoboxReadResponse></code> as String * @throws ParseException If an element cannot be parsed * @throws AuthenticationException If any authentication error occurs + * @throws BKUException */ - public InfoboxReadResponseParser(String xmlResponse) throws ParseException, AuthenticationException { + public InfoboxReadResponseParser(String xmlResponse) throws ParseException, AuthenticationException, BKUException { try { InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8")); init(s); } - catch (Throwable t) { + + catch (BKUException e) { + throw e; + + } catch (Throwable t) { throw new ParseException("parser.01", new Object[] { t.toString()}, t); } } @@ -85,8 +113,9 @@ public class InfoboxReadResponseParser { * @param is <code><InfoboxReadResponse></code> as InputStream * @throws ParseException If an element cannot be parsed * @throws AuthenticationException If any authentication error occurs + * @throws BKUException */ - public InfoboxReadResponseParser(InputStream is) throws ParseException, AuthenticationException { + public InfoboxReadResponseParser(InputStream is) throws ParseException, AuthenticationException, BKUException { init(is); } @@ -98,8 +127,9 @@ public class InfoboxReadResponseParser { * @param is The InfoBoxReadResponse as stream. * @throws AuthenticationException If an authentication error occurs. * @throws ParseException If an error occurs on parsing the the document. + * @throws BKUException */ - private void init(InputStream is) throws AuthenticationException, ParseException { + private void init(InputStream is) throws AuthenticationException, ParseException, BKUException { try { Element responseElem = DOMUtils.parseXmlValidating(is); @@ -108,11 +138,17 @@ public class InfoboxReadResponseParser { infoBoxElem_ = responseElem; } else { ErrorResponseParser erp = new ErrorResponseParser(responseElem); - throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()}); + throw new BKUException("auth.08", + new Object[] { erp.getErrorCode(), erp.getErrorInfo()}, + erp.getErrorCode(), + erp.getErrorInfo()); } + + } catch (BKUException e) { + throw e; } catch (Throwable t) { - throw new ParseException("parser.01", new Object[] { t.toString()}, t); + throw new ParseException("parser.01", new Object[] { t.toString()}, t); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java index 204f916e5..0e0b42cde 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -26,7 +48,7 @@ package at.gv.egovernment.moa.id.auth.parser; import java.io.IOException; -import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.util.Base64Utils; /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index 84e55435d..67433dde7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -1,6 +1,29 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.parser; import java.io.UnsupportedEncodingException; +import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -8,11 +31,11 @@ import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringEscapeUtils; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.WrongParametersException; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IRequest; @@ -137,7 +160,9 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ moasession.setSsoRequested(true && oaParam.useSSO()); //make always SSO if OA requested it!!!! //Validate BKU URI - if (!ParamValidatorUtils.isValidBKUURI(bkuURL, oaParam.getBKUURL())) + List<String> allowedbkus = oaParam.getBKUURL(); + allowedbkus.addAll(AuthConfigurationProvider.getInstance().getDefaultBKUURLs()); + if (!ParamValidatorUtils.isValidBKUURI(bkuURL, allowedbkus)) throw new WrongParametersException("StartAuthentication", PARAM_BKU, "auth.12"); if (!oaParam.getBusinessService()) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java index 2c957603b..7bce406e0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -32,8 +54,8 @@ import java.io.InputStream; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index 022f21491..f6cd2b776 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -23,9 +45,13 @@ package at.gv.egovernment.moa.id.auth.servlet; +import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK; + import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; +import java.security.Security; import java.util.Enumeration; import java.util.HashMap; import java.util.List; @@ -34,6 +60,7 @@ import java.util.Map; import javax.servlet.RequestDispatcher; import javax.servlet.ServletConfig; import javax.servlet.ServletContext; +import javax.servlet.ServletContextEvent; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; @@ -45,17 +72,16 @@ import org.apache.commons.fileupload.FileUploadException; import org.apache.commons.fileupload.disk.DiskFileItemFactory; import org.apache.commons.fileupload.servlet.ServletFileUpload; -import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.WrongParametersException; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet; -import at.gv.egovernment.moa.id.storage.ExceptionStoreImpl; +import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; import at.gv.egovernment.moa.id.storage.IExceptionStore; import at.gv.egovernment.moa.id.util.ServletUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.URLDecoder; /** @@ -101,6 +127,11 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { req.setAttribute("LogLevel", "debug"); } + + StatisticLogger logger = StatisticLogger.getInstance(); + logger.logErrorOperation(exceptionThrown); + + // forward this to errorpage-auth.jsp where the HTML error page is // generated ServletContext context = getServletContext(); @@ -162,46 +193,30 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { req.setAttribute("LogLevel", "debug"); } - IExceptionStore store = ExceptionStoreImpl.getStore(); + IExceptionStore store = DBExceptionStoreImpl.getStore(); String id = store.storeException(exceptionThrown); - String redirectURL = null; + if (id != null) { + + String redirectURL = null; - redirectURL = ServletUtils.getBaseUrl(req); - redirectURL += "/dispatcher?" + ERROR_CODE_PARAM + "=" + id - + "&" + DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID; + redirectURL = ServletUtils.getBaseUrl(req); + redirectURL += "/dispatcher?" + ERROR_CODE_PARAM + "=" + id + + "&" + DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID; - resp.setContentType("text/html"); - resp.setStatus(302); + resp.setContentType("text/html"); + resp.setStatus(302); - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); + resp.addHeader("Location", redirectURL); + Logger.debug("REDIRECT TO: " + redirectURL); - return; - /* - // forward this to errorpage-auth.jsp where the HTML error page is - // generated - ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context - .getRequestDispatcher("/errorpage-auth.jsp"); - try { - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, - MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, - MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - dispatcher.forward(req, resp); - } catch (ServletException e) { - Logger.error(e); - } catch (IOException e) { - Logger.error(e); + return; + + } else { + + //Exception can not be stored in database + handleErrorNoRedirect(errorMessage, exceptionThrown, req, resp); } - */ } /** @@ -266,10 +281,10 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { * @throws FileUploadException * if parsing request parameters fails. */ - protected Map getParameters(HttpServletRequest req) throws IOException, + protected Map<String, String> getParameters(HttpServletRequest req) throws IOException, FileUploadException { - Map parameters = new HashMap(); + Map<String, String> parameters = new HashMap<String, String>(); if (ServletFileUpload.isMultipartContent(req)) { // request is encoded as mulitpart/form-data @@ -363,6 +378,12 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { super.init(servletConfig); } + +// public void contextDestroyed(ServletContextEvent arg0) { +// Security.removeProvider((new IAIK()).getName()); +// Security.removeProvider((new ECCProvider()).getName()); +// } + /** * Set response headers to avoid caching * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java index a77224d10..0c2bb66c0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index d4484a97c..c66e19eb0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -1,36 +1,52 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; import java.io.PrintWriter; -import java.util.Arrays; -import java.util.List; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringEscapeUtils; -import org.bouncycastle.asn1.x509.Target; -import com.trilead.ssh2.Session; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.auth.WrongParametersException; import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; public class GenerateIFrameTemplateServlet extends AuthServlet { @@ -61,6 +77,8 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { String useMandate = req.getParameter(PARAM_USEMANDATE); String ccc = req.getParameter(PARAM_CCC); String moasessionid = req.getParameter(PARAM_SESSIONID); + + moasessionid = StringEscapeUtils.escapeHtml(moasessionid); AuthenticationSession moasession = null; @@ -71,7 +89,7 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { moasession = AuthenticationSessionStoreage.getSession(moasessionid); - String newmoasessionid = AuthenticationSessionStoreage.changeSessionID(moasession); + AuthenticationSessionStoreage.changeSessionID(moasession); } catch (MOADatabaseException e) { Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database"); @@ -96,8 +114,19 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { String target = oaParam.getTarget(); String bkuURL = oaParam.getBKUURL(bkuid); + if (MiscUtil.isEmpty(bkuURL)) { + Logger.info("No OA specific BKU defined. Use BKU from default configuration"); + bkuURL = AuthConfigurationProvider.getInstance().getDefaultBKUURL(bkuid); + } + String templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid); + if (oaParam.isOnlyMandateAllowed()) + useMandate = "true"; + + if (!oaParam.isShowMandateCheckBox()) + useMandate = "false"; + //parse all OA parameters i StartAuthentificationParameterParser.parse(moasession, target, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java index 02c751a0a..2c8b3fb33 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java @@ -1,60 +1,82 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.servlet;
-import java.io.IOException; -import java.security.cert.CertificateException; -import java.util.Map; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.TransformerException; - -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.MOAIDException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.WrongParametersException; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; +import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.transform.TransformerException;
+
+import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
+import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
+import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.DOMUtils;
/**
* Servlet requested for getting the foreign eID
@@ -64,11 +86,11 @@ import at.gv.egovernment.moa.util.DOMUtils; */
public class GetForeignIDServlet extends AuthServlet {
- /** - * - */ - private static final long serialVersionUID = -3415644214702379483L; - + /**
+ *
+ */
+ private static final long serialVersionUID = -3415644214702379483L;
+
/**
* Constructor for GetForeignIDServlet.
*/
@@ -114,9 +136,9 @@ public class GetForeignIDServlet extends AuthServlet { resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
- Map parameters; - - String pendingRequestID = null; + Map<String, String> parameters;
+
+ String pendingRequestID = null;
try
{
@@ -126,7 +148,7 @@ public class GetForeignIDServlet extends AuthServlet { Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
throw new IOException(e.getMessage());
}
- String sessionID = req.getParameter(PARAM_SESSIONID); + String sessionID = req.getParameter(PARAM_SESSIONID);
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
// escape parameter strings
@@ -152,13 +174,13 @@ public class GetForeignIDServlet extends AuthServlet { CreateXMLSignatureResponse csresp =
new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse).parseResponseDsig();
- Element signature = csresp.getDsigSignature(); - - try { - session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature)); - } catch (CertificateException e) { - Logger.error("Could not extract certificate from CreateXMLSignatureResponse"); - throw new MOAIDException("auth.14", null); + Element signature = csresp.getDsigSignature();
+
+ try {
+ session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature));
+ } catch (CertificateException e) {
+ Logger.error("Could not extract certificate from CreateXMLSignatureResponse");
+ throw new MOAIDException("auth.14", null);
}
// make SZR request to the identity link
@@ -181,40 +203,40 @@ public class GetForeignIDServlet extends AuthServlet { IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertion);
IdentityLink identitylink = ilParser.parseIdentityLink();
session.setIdentityLink(identitylink);
-
+
String samlArtifactBase64 =
- AuthenticationServer.getInstance().getForeignAuthenticationData(session); - - - //session is implicit stored in changeSessionID!!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - - Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID); - Logger.info("Daten angelegt zu MOASession " + newMOASessionID); - - if (!samlArtifactBase64.equals("Redirect to Input Processor")) { - /*redirectURL = session.getOAURLRequested(); - if (!session.getBusinessService()) { - redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8")); - } - redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); - redirectURL = resp.encodeRedirectURL(redirectURL);*/ - - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), newMOASessionID); - redirectURL = resp.encodeRedirectURL(redirectURL); - - } else { - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID); - + AuthenticationServer.getInstance().getForeignAuthenticationData(session);
+
+
+ //session is implicit stored in changeSessionID!!!!
+ String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
+
+ Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);
+ Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+
+ if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
+ /*redirectURL = session.getOAURLRequested();
+ if (!session.getBusinessService()) {
+ redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));
+ }
+ redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
+ redirectURL = resp.encodeRedirectURL(redirectURL);*/
+
+ redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(),
+ ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), newMOASessionID);
+ redirectURL = resp.encodeRedirectURL(redirectURL);
+
+ } else {
+ redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID);
+
}
- - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("Session store error", null); - } - +
+ try {
+ AuthenticationSessionStoreage.storeSession(session);
+ } catch (MOADatabaseException e) {
+ throw new MOAIDException("Session store error", null);
+ }
+
resp.setContentType("text/html");
resp.setStatus(302);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java index e461197e2..b2224e10c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -34,20 +56,18 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.TransformerException; import org.apache.commons.lang.StringEscapeUtils; -import org.w3c.dom.Element; import org.xml.sax.SAXException; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.WrongParametersException; -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; @@ -57,10 +77,8 @@ import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClientException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.URLEncoder; /** * Servlet requested for getting the foreign eID provided by the security layer @@ -165,7 +183,7 @@ public class GetMISSessionIDServlet extends AuthServlet { AuthConfigurationProvider.getInstance(), connectionParameters); - List list = MISSimpleClient.sendGetMandatesRequest( + List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest( connectionParameters.getUrl(), misSessionID, sslFactory); if (list == null) { @@ -181,7 +199,7 @@ public class GetMISSessionIDServlet extends AuthServlet { MISMandate mandate = (MISMandate) list.get(0); String sMandate = new String(mandate.getMandate()); - if (sMandate == null | sMandate.compareToIgnoreCase("") == 0) { + if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) { Logger.error("Mandate is empty."); throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID }); @@ -190,7 +208,7 @@ public class GetMISSessionIDServlet extends AuthServlet { //check if it is a parsable XML byte[] byteMandate = mandate.getMandate(); String stringMandate = new String(byteMandate); - Element mandateDoc = DOMUtils.parseDocument(stringMandate, false, + DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement(); // extract RepresentationType @@ -225,8 +243,6 @@ public class GetMISSessionIDServlet extends AuthServlet { handleError(null, ex, req, resp, pendingRequestID); } catch (PKIException e) { handleError(null, e, req, resp, pendingRequestID); - } catch (MISSimpleClientException e) { - handleError(null, e, req, resp, pendingRequestID); } catch (SAXException e) { handleError(null, e, req, resp, pendingRequestID); } catch (ParserConfigurationException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index 8dc5d7469..c87a17c7f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -25,48 +47,19 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; -import java.util.List; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import javax.swing.text.StyleContext.SmallAttributeSet; - -import org.apache.commons.lang.StringEscapeUtils; -import org.opensaml.saml2.metadata.RequestedAttribute; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.MOAIDException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.auth.WrongParametersException; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.stork.CPEPS; -import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; -import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StringUtils; -import eu.stork.mw.messages.saml.STORKAuthnRequest; -import eu.stork.vidp.messages.builder.STORKMessagesBuilder; -import eu.stork.vidp.messages.exception.SAMLException; -import eu.stork.vidp.messages.exception.SAMLValidationException; -import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel; -import eu.stork.vidp.messages.stork.RequestedAttributes; public class LogOutServlet extends AuthServlet { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java new file mode 100644 index 000000000..e04f97e6e --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java @@ -0,0 +1,126 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.Arrays; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.monitoring.TestManager; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +public class MonitoringServlet extends AuthServlet { + + private static final long serialVersionUID = 1L; + private static final String REQUEST_ATTR_MODULE = "module"; + + + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + + try { + AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + + if (config.isMonitoringActive()) { + Logger.debug("Monitoring Servlet received request"); + + TestManager tests = TestManager.getInstance(); + + String modulename = req.getParameter(REQUEST_ATTR_MODULE); + if (MiscUtil.isEmpty(modulename)) { + + List<String> error = tests.executeTests(); + if (error != null && error.size() > 0) { + createErrorMessage(req, resp, error); + + } else { + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); + Logger.info("Monitoring Servlet finished without errors"); + } + + } else { + if (tests.existsModule(modulename)) { + List<String> errors = tests.executeTest(modulename); + if (errors != null && errors.size() > 0) { + createErrorMessage(req, resp, errors); + + } else { + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); + Logger.info("Monitoring Servlet finished without errors"); + } + + } else { + Logger.warn("NO Testmodule exists with modulename " + modulename); + resp.setStatus(HttpServletResponse.SC_NOT_FOUND); + resp.setContentType("text/html;charset=UTF-8"); + PrintWriter out; + try { + out = new PrintWriter(resp.getOutputStream()); + out.write("NO Testmodule exists with modulename " + modulename); + out.flush(); + + } catch (IOException e) { + Logger.warn("Internal Monitoring Servlet Error. ", e); + } + } + + } + } + + } catch (ConfigurationException e) { + createErrorMessage(req, resp, Arrays.asList(e.getMessage())); + } + } + + private void createErrorMessage(HttpServletRequest req, HttpServletResponse resp, List<String> errorMessage) { + Logger.warn("Monitoring Servlet found some Error: " + errorMessage); + resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + resp.setContentType("text/html;charset=UTF-8"); + PrintWriter out; + try { + out = new PrintWriter(resp.getOutputStream()); + for (String error : errorMessage) + out.write(error + "<br>"); + out.flush(); + + } catch (IOException e) { + Logger.warn("Internal Monitoring Servlet Error. ", e); + } + } + + private String getHtml(String text) { + return "<html><head><title>Reponse</title></head><body>" + text +"</body></html>"; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index f6412f897..93f17dd70 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -1,3 +1,25 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
package at.gv.egovernment.moa.id.auth.servlet;
import java.io.IOException;
@@ -14,13 +36,13 @@ import org.opensaml.saml2.core.StatusCode; import org.opensaml.xml.util.XMLHelper;
import org.w3c.dom.Element;
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.stork.STORKException;
import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java deleted file mode 100644 index ba8698934..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java +++ /dev/null @@ -1,268 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.lang.StringEscapeUtils; -
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.WrongParametersException; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.builder.GetVerifyAuthBlockFormBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * Servlet requested for processing user input forms of infobox validators
- *
- * Utilizes the {@link AuthenticationServer}.
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner
- * @version $Id: ProcessValidatorInputServlet.java 769 2007-01-10 15:37:52Z peter.danner $
- */
-public class ProcessValidatorInputServlet extends AuthServlet {
-
- public static final long serialVersionUID = 1;
-
- /**
- * Constructor for VerifyIdentityLinkServlet.
- */
- public ProcessValidatorInputServlet() {
- super();
- }
-
- /**
- * Shows the user input forms of infobox validators
- *
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException { - - Logger.debug("GET ProcessInput"); - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -
- Map parameters;
- try {
- parameters = getParameters(req);
- } catch (FileUploadException e) {
- Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new IOException(e.getMessage());
- } - String sessionID = req.getParameter(PARAM_SESSIONID);
- if (sessionID==null) sessionID = (String) req.getAttribute(PARAM_SESSIONID);
- if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID);
- if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID+"_");
- - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); -
- try { - - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("ProcessInput", PARAM_SESSIONID, "auth.12"); -
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
- InfoboxValidator infoboxvalidator = session.getFirstPendingValidator();
- String outputStream;
- String dataURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, sessionID);
- if (infoboxvalidator!=null) {
- outputStream = infoboxvalidator.getForm();
- // replace strings the validators can not know
- outputStream = ParepUtils.replaceAll(outputStream, "<BASE_href>", session.getAuthURL());
- outputStream = ParepUtils.replaceAll(outputStream, "<MOASessionID>", sessionID);
- outputStream = ParepUtils.replaceAll(outputStream, "<BKU>", session.getBkuURL());
- outputStream = ParepUtils.replaceAll(outputStream, "<DataURL>", dataURL);
- outputStream = ParepUtils.replaceAll(outputStream, "<PushInfobox>", session.getPushInfobox());
- } else {
- throw new ValidateException("validator.65", null);
- }
- //resp.setStatus(200);
- resp.setContentType("text/html;charset=UTF-8");
- OutputStream out = resp.getOutputStream();
- out.write(outputStream.getBytes("UTF-8"));
- out.flush();
- out.close();
- Logger.debug("Finished GET ProcessInput");
- } - catch (WrongParametersException ex) { - handleWrongParameters(ex, req, resp); - }
- catch (MOAIDException ex) {
- handleError(null, ex, req, resp, null); //TODO: is this Class required?
- }
- }
-
- /**
- * Verifies the user input forms of infobox validators
- *
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
- */
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
-// Logger.debug("POST ProcessInput"); -// -// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -//
-// Map parameters;
-// try {
-// parameters = getParameters(req);
-// } catch (FileUploadException e) {
-// Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
-// throw new IOException(e.getMessage());
-// } -// -// String sessionID = req.getParameter(PARAM_SESSIONID);
-// if (sessionID==null) sessionID = (String) req.getAttribute(PARAM_SESSIONID);
-// if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID);
-// if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID+"_");
-// -// // escape parameter strings -// sessionID = StringEscapeUtils.escapeHtml(sessionID); -//
-// try { -// -// if (!ParamValidatorUtils.isValidSessionID(sessionID)) -// throw new WrongParametersException("ProcessInput", PARAM_SESSIONID, "auth.12"); -//
-// AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-// AuthenticationServer.processInput(session, parameters);
-// String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().getCreateXMLSignatureRequestAuthBlockOrRedirect(session, null, null);
-// if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {
-// // Now sign the AUTH Block
-// String dataURL = new DataURLBuilder().buildDataURL(
-// session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID);
-//
-// String htmlForm = null;
-//
-// boolean doInputProcessorSign = false; // If sign process should be within an extra form, provide a parameter. Otherwise transport through security layer is assumed
-// -// String inputProcessorSignForm = req.getParameter("Sign_Form");
-// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) req.getAttribute("Sign_Form");
-// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form");
-// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form_"); -// // escape parameter strings -// inputProcessorSignForm = StringEscapeUtils.escapeHtml(inputProcessorSignForm);
-// if (!ParepUtils.isEmpty(inputProcessorSignForm)) doInputProcessorSign = inputProcessorSignForm.equalsIgnoreCase("true");
-// if (doInputProcessorSign) {
-// // Test if we have a user input form sign template -//
-// String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE); -// -// if (!ParamValidatorUtils.isValidSignUrl(inputProcessorSignTemplateURL)) -// throw new WrongParametersException("ProcessInput", PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE, "auth.12"); -//
-// String inputProcessorSignTemplate = null;
-// OAAuthParameter oaParam =
-// AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested());
-// // override template url by url from configuration file
-// if (oaParam.getInputProcessorSignTemplateURL() != null) {
-// inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL();
-// }
-// if (inputProcessorSignTemplateURL != null) {
-// try {
-// inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL));
-// } catch (IOException ex) {
-// throw new AuthenticationException(
-// "auth.03",
-// new Object[] { inputProcessorSignTemplateURL, ex.toString()},
-// ex);
-// }
-// }
-//
-// htmlForm = new GetVerifyAuthBlockFormBuilder().build(
-// inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox());
-// htmlForm = ParepUtils.replaceAll(htmlForm, "<BASE_href>", session.getAuthURL());
-// htmlForm = ParepUtils.replaceAll(htmlForm, "<MOASessionID>", sessionID);
-// htmlForm = ParepUtils.replaceAll(htmlForm, "<BKU>", session.getBkuURL());
-// htmlForm = ParepUtils.replaceAll(htmlForm, "<DataURL>", dataURL);
-// htmlForm = ParepUtils.replaceAll(htmlForm, "<PushInfobox>", session.getPushInfobox());
-// resp.setContentType("text/html;charset=UTF-8");
-// } else {
-// htmlForm = createXMLSignatureRequestOrRedirect;
-// resp.setStatus(307);
-// resp.addHeader("Location", dataURL);
-// //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
-// resp.setContentType("text/xml;charset=UTF-8");
-// }
-//
-// OutputStream out = resp.getOutputStream();
-// out.write(htmlForm.getBytes("UTF-8"));
-// out.flush();
-// out.close();
-// Logger.debug("Finished POST ProcessInput");
-// } else {
-// String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
-// resp.setContentType("text/html");
-// resp.setStatus(302);
-// resp.addHeader("Location", redirectURL);
-// Logger.debug("REDIRECT TO: " + redirectURL);
-// } -// -// try { -// AuthenticationSessionStoreage.storeSession(session); -// -// } catch (MOADatabaseException e) { -// throw new AuthenticationException("", null); -// } -//
-// } -// catch (WrongParametersException ex) { -// handleWrongParameters(ex, req, resp); -// }
-// catch (MOAIDException ex) {
-// handleError(null, ex, req, resp);
-// }
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index 5a0bd33bf..7c51e7d6b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java index 8dd547bb5..6fa7b56c6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java @@ -1,33 +1,46 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringEscapeUtils; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.WrongParametersException; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import at.gv.egovernment.moa.util.URLEncoder; - - public class SSOSendAssertionServlet extends AuthServlet{ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java deleted file mode 100644 index 2deece26f..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java +++ /dev/null @@ -1,184 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.io.OutputStreamWriter; -import java.io.Writer; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang.StringEscapeUtils; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.auth.WrongParametersException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StringUtils; - -/** - * Servlet requested for selecting a BKU. - * <br>In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLComplete, - * the browser is redirected to the configured "BKU-Auswahl-URL". - * <br>In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLSelect, - * the list of available BKU's is fetched from a BKU-Auswahl server, and presented - * to the user in an HTML form. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class SelectBKUServlet extends AuthServlet { - - /** - * - */ - private static final long serialVersionUID = 4764993494204751296L; - -/** - * Calls the web application initializer. - * - * @see javax.servlet.Servlet#init(ServletConfig) - */ - public void init(ServletConfig servletConfig) throws ServletException { - try { - super.init(servletConfig); - MOAIDAuthInitializer.initialize(); - Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); - Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); - } - catch (Exception ex) { - Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); - throw new ServletException(ex); - } - } - - /** - * Responds with an HTML form which requests the user to choose a BKU. - */ - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("GET SelectBKU"); - -// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -// -// String authURL = req.getScheme() + "://" + req.getServerName(); -// if ((req.getScheme().equalsIgnoreCase("https") && req.getServerPort()!=443) || (req.getScheme().equalsIgnoreCase("http") && req.getServerPort()!=80)) { -// authURL = authURL.concat(":" + req.getServerPort()); -// } -// authURL = authURL.concat(req.getContextPath() + "/"); -// -// String target = req.getParameter(PARAM_TARGET); -// String oaURL = req.getParameter(PARAM_OA); -// String bkuSelectionTemplateURL = req.getParameter(PARAM_BKUTEMPLATE); -// String templateURL = req.getParameter(PARAM_TEMPLATE); -// -// // escape parameter strings -// target = StringEscapeUtils.escapeHtml(target); -// oaURL = StringEscapeUtils.escapeHtml(oaURL); -// templateURL = StringEscapeUtils.escapeHtml(templateURL); -// bkuSelectionTemplateURL = StringEscapeUtils.escapeHtml(bkuSelectionTemplateURL); -// -// -// resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES); -// resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA); -// resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL); -// resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE); -// -// try { -// -// // check parameter -// if (!ParamValidatorUtils.isValidOA(oaURL)) -// throw new WrongParametersException("SelectBKU", PARAM_OA, "auth.12"); -// if (!ParamValidatorUtils.isValidTemplate(req, templateURL)) -// throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12"); -// if (!ParamValidatorUtils.isValidTemplate(req, bkuSelectionTemplateURL)) -// throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12"); -// -// if (!ParamValidatorUtils.isValidTarget(target)) -// throw new WrongParametersException("SelectBKU", PARAM_TARGET, "auth.12"); -// -// OAAuthParameter oaParam = -// AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL); -// if (oaParam == null) -// throw new AuthenticationException("auth.00", new Object[] { oaURL }); -// -// // get target and target friendly name from config -// String targetConfig = oaParam.getTarget(); -// -// String returnValue = null; -// if (StringUtils.isEmpty(targetConfig)) { -// // no target attribut is given in OA config -// // target is used from request -// // check parameter -// if (!ParamValidatorUtils.isValidTarget(target)) -// throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12"); -// -// returnValue = AuthenticationServer.getInstance().selectBKU(authURL, target, oaURL, bkuSelectionTemplateURL, templateURL); -// } -// else { -// // use target from config -// returnValue = AuthenticationServer.getInstance().selectBKU(authURL, targetConfig, oaURL, bkuSelectionTemplateURL, templateURL); -// } -// -// -// String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType(); -// if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) { -// // bkuSelectionType==HTMLComplete -// String redirectURL = returnValue; -// resp.setContentType("text/html"); -// resp.sendRedirect(redirectURL); -// Logger.info("REDIRECT TO: " + redirectURL); -// } else { -// // bkuSelectionType==HTMLSelect -// String htmlForm = returnValue; -// resp.setContentType("text/html;charset=UTF-8"); -// Logger.debug("HTML-Form: " + htmlForm); -// Writer out = new OutputStreamWriter(resp.getOutputStream(), "UTF8"); -// out.write(htmlForm); -// out.flush(); -// Logger.debug("Finished GET SelectBKU"); -// } -// } -// catch (WrongParametersException ex) { -// handleWrongParameters(ex, req, resp); -// } -// catch (Throwable ex) { -// handleError(null, ex, req, resp); -// } - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index 09e4e957d..714d6b3f5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -25,7 +47,6 @@ package at.gv.egovernment.moa.id.auth.servlet; import iaik.pki.PKIException; -import iaik.x509.X509Certificate; import java.io.IOException; import java.security.GeneralSecurityException; @@ -41,13 +62,14 @@ import org.apache.commons.fileupload.FileUploadException; import org.apache.commons.lang.StringEscapeUtils; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.WrongParametersException; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConnectionParameter; @@ -59,10 +81,8 @@ import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClientException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.URLEncoder; /** * Servlet requested for verifying the signed authentication block @@ -139,7 +159,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { String pendingRequestID = null; - Map parameters; + Map<String, String> parameters; try { parameters = getParameters(req); @@ -147,6 +167,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { { Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); throw new IOException(e.getMessage()); + } String sessionID = req.getParameter(PARAM_SESSIONID); String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE); @@ -187,11 +208,15 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { // redirect url // build redirect(to the GetMISSessionIdSerlvet) + + //change MOASessionID before MIS request + String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); + redirectURL = new DataURLBuilder().buildDataURL( session.getAuthURL(), GET_MIS_SESSIONID, - session.getSessionID()); + newMOASessionID); String oaURL = session.getOAURLRequested(); OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL); @@ -226,13 +251,13 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert, oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, targetType, sslFactory); - String redirectMISGUI = misSessionID.getRedirectURL(); if (misSessionID == null) { Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null."); throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service."); } + String redirectMISGUI = misSessionID.getRedirectURL(); session.setMISSessionID(misSessionID.getSessiondId()); try { @@ -280,8 +305,6 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { handleError(null, e, req, resp, pendingRequestID); } catch (PKIException e) { handleError(null, e, req, resp, pendingRequestID); - } catch (MISSimpleClientException e) { - handleError(null, e, req, resp, pendingRequestID); } catch (TransformerException e) { handleError(null, e, req, resp, pendingRequestID); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java index ec05af5a1..80b1547c9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java @@ -1,54 +1,76 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.servlet;
-import iaik.x509.X509Certificate; - -import java.io.IOException; -import java.util.Map; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.MOAIDException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.WrongParametersException; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.ServletUtils; -import at.gv.egovernment.moa.logging.Logger; +import iaik.x509.X509Certificate;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.lang.StringEscapeUtils;
+
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+import at.gv.egovernment.moa.id.util.ServletUtils;
+import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.util.CertificateUtils; /**
@@ -59,11 +81,11 @@ import at.gv.egovernment.moa.spss.util.CertificateUtils; */
public class VerifyCertificateServlet extends AuthServlet {
- /** - * - */ - private static final long serialVersionUID = -4110159749768152538L; - + /**
+ *
+ */
+ private static final long serialVersionUID = -4110159749768152538L;
+
/**
* Constructor for VerifyCertificateServlet.
*/
@@ -108,10 +130,10 @@ public class VerifyCertificateServlet extends AuthServlet { resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
- - String pendingRequestID = null; - Map parameters;
+ String pendingRequestID = null;
+
+ Map<String, String> parameters;
try
{
parameters = getParameters(req);
@@ -124,8 +146,8 @@ public class VerifyCertificateServlet extends AuthServlet { // escape parameter strings
sessionID = StringEscapeUtils.escapeHtml(sessionID);
- - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); +
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
AuthenticationSession session = null;
try {
@@ -142,20 +164,20 @@ public class VerifyCertificateServlet extends AuthServlet { throw new AuthenticationException("auth.14", null);
}
- boolean useMandate = session.getUseMandate(); - + boolean useMandate = session.getUseMandate();
+
if (useMandate) {
- - // verify certificate for OrganWalter - String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert); - - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("session store error", null); - } - +
+ // verify certificate for OrganWalter
+ String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert);
+
+ try {
+ AuthenticationSessionStoreage.storeSession(session);
+ } catch (MOADatabaseException e) {
+ throw new MOAIDException("session store error", null);
+ }
+
ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
}
else {
@@ -177,12 +199,12 @@ public class VerifyCertificateServlet extends AuthServlet { session.getAuthURL(),
REQ_GET_FOREIGN_ID,
session.getSessionID());
- - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("session store error", null); - } +
+ try {
+ AuthenticationSessionStoreage.storeSession(session);
+ } catch (MOADatabaseException e) {
+ throw new MOAIDException("session store error", null);
+ }
ServletUtils.writeCreateXMLSignatureRequest(resp, session, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl);
@@ -190,13 +212,13 @@ public class VerifyCertificateServlet extends AuthServlet { Logger.debug("Send CreateXMLSignatureRequest to BKU");
}
}
- catch (MOAIDException ex) { + catch (MOAIDException ex) {
handleError(null, ex, req, resp, pendingRequestID);
- } - - finally { - ConfigurationDBUtils.closeSession(); + }
+
+ finally {
+ ConfigurationDBUtils.closeSession();
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java index 38f650a65..7c2a032a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -34,15 +56,15 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.fileupload.FileUploadException; import org.apache.commons.lang.StringEscapeUtils; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.MOAIDException; -import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.WrongParametersException; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; @@ -113,7 +135,7 @@ public class VerifyIdentityLinkServlet extends AuthServlet { Logger.debug("POST VerifyIdentityLink"); - Map parameters; + Map<String, String> parameters; String pendingRequestID = null; try @@ -185,11 +207,6 @@ public class VerifyIdentityLinkServlet extends AuthServlet { } else { - // @TODO: unteren InfoboxReadRequest zu, Signer-Cert auslesen (wegen Cert Abfrage auf Organwalter OID), - // nach oben verschoben vor verifyIdentityLink (da hier schon bPK berechnet, die aber f�r OW nicht in - // AUTH Block aufscheinen darf. --> D.h. verifyIdentityLink umbauen - verify und AUTH Block bauen trennen) - - //TODO: Klaus fragen ob der Teil wirklich noch benötigt wird!!!!! boolean useMandate = session.getUseMandate(); if (useMandate) { // Mandate modus diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/AssertionVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/AssertionVerifier.java index 7ffe59fd9..ca15cb120 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/AssertionVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/AssertionVerifier.java @@ -1,55 +1,77 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * The Austrian STORK Modules have been developed by the E-Government - * Innovation Center EGIZ, a joint initiative of the Federal Chancellery - * Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * The Austrian STORK Modules have been developed by the E-Government
+ * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
+ * Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
/**
*
*/
package at.gv.egovernment.moa.id.auth.stork;
-import java.util.List; - -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.metadata.RequestedAttribute; +import java.util.List;
+
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.metadata.RequestedAttribute;
/**
- * Interface to be implemented for verifying SAML assertions - * + * Interface to be implemented for verifying SAML assertions
+ *
* @author bzwattendorfer
*
*/
public interface AssertionVerifier {
- - /** - * Verifies a given assertion - * @param assertion SAML assertion - * @param reqIPAddress IP address of the client - * @param authnRequestID ID of the corresponding authentication request for verification - * @param recipient recipient for verification - * @param audience audience for verification - * @param reqAttrList RequestedAttribute list for verification - * @throws SecurityException +
+ /**
+ * Verifies a given assertion
+ * @param assertion SAML assertion
+ * @param reqIPAddress IP address of the client
+ * @param authnRequestID ID of the corresponding authentication request for verification
+ * @param recipient recipient for verification
+ * @param audience audience for verification
+ * @param reqAttrList RequestedAttribute list for verification
+ * @throws SecurityException
*/
public void verify(Assertion assertion, String reqIPAddress, String authnRequestID, String recipient, String audience, List<RequestedAttribute> reqAttrList) throws SecurityException;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/CredentialProvider.java index b95ab6218..80089a423 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/CredentialProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/CredentialProvider.java @@ -1,28 +1,50 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * The Austrian STORK Modules have been developed by the E-Government - * Innovation Center EGIZ, a joint initiative of the Federal Chancellery - * Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * The Austrian STORK Modules have been developed by the E-Government
+ * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
+ * Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
/**
*
*/
@@ -33,17 +55,17 @@ import org.opensaml.xml.security.credential.Credential; import eu.stork.vidp.messages.exception.SAMLException;
/**
- * Interface supporting different kinds of Credentials - * + * Interface supporting different kinds of Credentials
+ *
* @author bzwattendorfer
*
*/
public interface CredentialProvider {
- - /** - * Gets appropriate credentials - * @return Credential object - * @throws SAMLException +
+ /**
+ * Gets appropriate credentials
+ * @return Credential object
+ * @throws SAMLException
*/
public Credential getCredential() throws SAMLException;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java index 467210b4d..cf167ba84 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java @@ -1,70 +1,92 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * The Austrian STORK Modules have been developed by the E-Government - * Innovation Center EGIZ, a joint initiative of the Federal Chancellery - * Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * The Austrian STORK Modules have been developed by the E-Government
+ * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
+ * Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.stork;
-import java.security.KeyStore; -import java.security.PrivateKey; -import java.security.cert.X509Certificate; - -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.gv.egovernment.moa.util.KeyStoreUtils; -import at.gv.egovernment.moa.util.StringUtils; -import eu.stork.vidp.messages.exception.SAMLException; +import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
-/** - * Provides credentials from a KeyStore - * @author bzwattendorfer - * +import at.gv.egovernment.moa.util.KeyStoreUtils;
+import at.gv.egovernment.moa.util.StringUtils;
+import eu.stork.vidp.messages.exception.SAMLException;
+
+/**
+ * Provides credentials from a KeyStore
+ * @author bzwattendorfer
+ *
*/
public class KeyStoreCredentialProvider implements CredentialProvider {
private final static Logger log = LoggerFactory.getLogger(KeyStoreCredentialProvider.class);
- +
/** KeyStore Path */
private String keyStorePath;
- +
/** KeyStore Password */
private String keyStorePassword;
- +
/** Specific Key Name as Credential */
private String keyName;
- +
/** Key password */
private String keyPassword;
- /** - * Creates a KeyStoreCredentialProvider object - * @param keyStorePath KeyStore Path - * @param keyStorePassword KeyStore Password - * @param keyName KeyName of the key to be retrieved - * @param keyPassword Password for the Key + /**
+ * Creates a KeyStoreCredentialProvider object
+ * @param keyStorePath KeyStore Path
+ * @param keyStorePassword KeyStore Password
+ * @param keyName KeyName of the key to be retrieved
+ * @param keyPassword Password for the Key
*/
public KeyStoreCredentialProvider(String keyStorePath,
String keyStorePassword, String keyName, String keyPassword) {
@@ -75,23 +97,23 @@ public class KeyStoreCredentialProvider implements CredentialProvider { this.keyPassword = keyPassword;
}
- - /** - * Gets the credential object from the KeyStore +
+ /**
+ * Gets the credential object from the KeyStore
*/
public Credential getCredential() throws SAMLException {
log.trace("Retrieving credentials for signing SAML Response.");
if (StringUtils.isEmpty(this.keyStorePath))
throw new SAMLException("No keyStorePath specified");
- +
//KeyStorePassword optional
//if (StringUtils.isEmpty(this.keyStorePassword))
// throw new SAMLException("No keyStorePassword specified");
if (StringUtils.isEmpty(this.keyName))
throw new SAMLException("No keyName specified");
- +
//KeyStorePassword optional
//if (StringUtils.isEmpty(this.keyPassword))
// throw new SAMLException("No keyPassword specified");
@@ -120,7 +142,7 @@ public class KeyStoreCredentialProvider implements CredentialProvider { return credential;
- } - - + }
+
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorAssertionVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorAssertionVerifier.java index 3048ccbee..dcd1a8a1a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorAssertionVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorAssertionVerifier.java @@ -1,58 +1,80 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * The Austrian STORK Modules have been developed by the E-Government - * Innovation Center EGIZ, a joint initiative of the Federal Chancellery - * Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * The Austrian STORK Modules have been developed by the E-Government
+ * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
+ * Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
/**
*
*/
package at.gv.egovernment.moa.id.auth.stork;
-import java.util.List; - -import org.joda.time.DateTime; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.Audience; -import org.opensaml.saml2.core.AudienceRestriction; -import org.opensaml.saml2.core.Conditions; -import org.opensaml.saml2.core.SubjectConfirmation; -import org.opensaml.saml2.core.SubjectConfirmationData; -import org.opensaml.saml2.metadata.RequestedAttribute; - -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.vidp.messages.saml.STORKAttribute; -import eu.stork.vidp.messages.util.SAMLUtil; +import java.util.List;
+
+import org.joda.time.DateTime;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.Audience;
+import org.opensaml.saml2.core.AudienceRestriction;
+import org.opensaml.saml2.core.Conditions;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+
+import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.vidp.messages.saml.STORKAttribute;
+import eu.stork.vidp.messages.util.SAMLUtil;
/**
- * Verifies the SAML assertion according to the STORK specification + * Verifies the SAML assertion according to the STORK specification
* @author bzwattendorfer
*
*/
public class PEPSConnectorAssertionVerifier implements AssertionVerifier {
- private static final int CLOCK_SKEW_MINUTES = 5; - + private static final int CLOCK_SKEW_MINUTES = 5;
+
private static final boolean IS_USERS_CLIENT_IP_ADDRESS_TO_VERIFY = false;
/* (non-Javadoc)
@@ -63,13 +85,13 @@ public class PEPSConnectorAssertionVerifier implements AssertionVerifier { //SAML assertion need not to be signed, skipping signature validation
- verifySubjectConfirmation(assertion, reqIPAddress, authnRequestID, recipient); - - Logger.debug("SubjectConfirmationData successfully verified"); + verifySubjectConfirmation(assertion, reqIPAddress, authnRequestID, recipient);
+
+ Logger.debug("SubjectConfirmationData successfully verified");
verifyConditions(assertion, audience);
- - Logger.debug("Conditions successfully verified"); +
+ Logger.debug("Conditions successfully verified");
}
@@ -82,21 +104,21 @@ public class PEPSConnectorAssertionVerifier implements AssertionVerifier { private void verifySubjectConfirmationData(SubjectConfirmationData scData, String reqAddress, String requestID, String recipient) throws SecurityException {
//NotBefore not allowed in SSO profile
- verifyNotOnOrAfter(scData.getNotOnOrAfter()); - + verifyNotOnOrAfter(scData.getNotOnOrAfter());
+
Logger.trace("NotOnOrAfter successfully verified");
if(IS_USERS_CLIENT_IP_ADDRESS_TO_VERIFY) {
- verifyClientAddress(scData, reqAddress); + verifyClientAddress(scData, reqAddress);
Logger.trace("User's client IP address successfully verified.");
} else {
Logger.warn("User's client IP address will not be verified.");
}
- verifyRecipient(scData, recipient); - Logger.trace("Recipient successfully verified"); + verifyRecipient(scData, recipient);
+ Logger.trace("Recipient successfully verified");
- verifyInResponseTo(scData, requestID); + verifyInResponseTo(scData, requestID);
Logger.trace("InResponseTo successfully verified");
}
@@ -167,75 +189,75 @@ public class PEPSConnectorAssertionVerifier implements AssertionVerifier { private void verifyConditions(Assertion assertion, String reqAudience) throws SecurityException {
Conditions conditions = assertion.getConditions();
- verifyNotBefore(conditions.getNotBefore()); - Logger.trace("NotBefore successfully verified"); + verifyNotBefore(conditions.getNotBefore());
+ Logger.trace("NotBefore successfully verified");
- verifyNotOnOrAfter(conditions.getNotOnOrAfter()); + verifyNotOnOrAfter(conditions.getNotOnOrAfter());
Logger.trace("NotOnOrAfter successfully verified");
- verifyAudience(conditions.getAudienceRestrictions().get(0), reqAudience); - + verifyAudience(conditions.getAudienceRestrictions().get(0), reqAudience);
+
Logger.trace("Audience successfully verified");
- } - - public static void validateRequiredAttributes( - List<RequestedAttribute> reqAttrList, - List<Attribute> attrList) - throws STORKException { - - Logger.debug("Starting required attribute validation"); - - if (reqAttrList == null || reqAttrList.isEmpty()) { - Logger.error("Requested Attributes list is empty."); - throw new STORKException("No attributes have been requested"); - } - - if (attrList == null || attrList.isEmpty()) { - Logger.error("STORK AttributeStatement is empty."); - throw new STORKException("No attributes have been received"); - } - - Logger.trace("These attributes have been requested and received: "); - int count = 0; - for (RequestedAttribute reqAttr : reqAttrList) { - Logger.trace("Requested attribute: " + reqAttr.getName() + " isRequired: " + reqAttr.isRequired()); - for(Attribute attr : attrList) { - if (verifyRequestedAttribute(reqAttr, attr)) - count++; - } - } - - int numRequiredReqAttr = getNumberOfRequiredAttributes(reqAttrList); - Logger.trace("Number of requested required attributes: " + numRequiredReqAttr); - Logger.trace("Number of received required attributes: " + count); - - if (count != numRequiredReqAttr) { - Logger.error("Not all required attributes have been received"); - throw new STORKException("Not all required attributes have been received"); - } - Logger.debug("Received all required attributes!"); - - } - - private static boolean verifyRequestedAttribute(RequestedAttribute reqAttr, Attribute attr) { - - if ((reqAttr.getName()).equals(attr.getName())) { - if (reqAttr.isRequired() && SAMLUtil.getStatusFromAttribute(attr).equals(STORKAttribute.ALLOWED_ATTRIBUTE_STATUS_AVAIL)) { - Logger.trace("Received required attribute " + attr.getName() + " status: " + SAMLUtil.getStatusFromAttribute(attr)); - return true; - } - } - return false; - } - - private static int getNumberOfRequiredAttributes(List<RequestedAttribute> reqAttrList) { - int count = 0; - for (RequestedAttribute reqAttr : reqAttrList) - if (reqAttr.isRequired()) count++; - - return count; - } + }
+
+ public static void validateRequiredAttributes(
+ List<RequestedAttribute> reqAttrList,
+ List<Attribute> attrList)
+ throws STORKException {
+
+ Logger.debug("Starting required attribute validation");
+
+ if (reqAttrList == null || reqAttrList.isEmpty()) {
+ Logger.error("Requested Attributes list is empty.");
+ throw new STORKException("No attributes have been requested");
+ }
+
+ if (attrList == null || attrList.isEmpty()) {
+ Logger.error("STORK AttributeStatement is empty.");
+ throw new STORKException("No attributes have been received");
+ }
+
+ Logger.trace("These attributes have been requested and received: ");
+ int count = 0;
+ for (RequestedAttribute reqAttr : reqAttrList) {
+ Logger.trace("Requested attribute: " + reqAttr.getName() + " isRequired: " + reqAttr.isRequired());
+ for(Attribute attr : attrList) {
+ if (verifyRequestedAttribute(reqAttr, attr))
+ count++;
+ }
+ }
+
+ int numRequiredReqAttr = getNumberOfRequiredAttributes(reqAttrList);
+ Logger.trace("Number of requested required attributes: " + numRequiredReqAttr);
+ Logger.trace("Number of received required attributes: " + count);
+
+ if (count != numRequiredReqAttr) {
+ Logger.error("Not all required attributes have been received");
+ throw new STORKException("Not all required attributes have been received");
+ }
+ Logger.debug("Received all required attributes!");
+
+ }
+
+ private static boolean verifyRequestedAttribute(RequestedAttribute reqAttr, Attribute attr) {
+
+ if ((reqAttr.getName()).equals(attr.getName())) {
+ if (reqAttr.isRequired() && SAMLUtil.getStatusFromAttribute(attr).equals(STORKAttribute.ALLOWED_ATTRIBUTE_STATUS_AVAIL)) {
+ Logger.trace("Received required attribute " + attr.getName() + " status: " + SAMLUtil.getStatusFromAttribute(attr));
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private static int getNumberOfRequiredAttributes(List<RequestedAttribute> reqAttrList) {
+ int count = 0;
+ for (RequestedAttribute reqAttr : reqAttrList)
+ if (reqAttr.isRequired()) count++;
+
+ return count;
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java index b09b6a64e..134836a9e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java @@ -1,3 +1,25 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
/*
* Copyright 2011 by Graz University of Technology, Austria
* The Austrian STORK Modules have been developed by the E-Government
@@ -31,18 +53,16 @@ package at.gv.egovernment.moa.id.auth.stork; import org.opensaml.xml.validation.ValidationException;
import org.w3c.dom.Element;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.ParseException;
+import at.gv.egovernment.moa.id.auth.exception.ServiceException;
import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Constants;
import eu.stork.mw.messages.saml.STORKResponse;
import eu.stork.vidp.messages.exception.SAMLValidationException;
import eu.stork.vidp.messages.util.SAMLUtil;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/ResponseVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/ResponseVerifier.java index 848937824..ea3d4101b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/ResponseVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/ResponseVerifier.java @@ -1,43 +1,65 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * The Austrian STORK Modules have been developed by the E-Government - * Innovation Center EGIZ, a joint initiative of the Federal Chancellery - * Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * The Austrian STORK Modules have been developed by the E-Government
+ * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
+ * Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.stork;
-import eu.stork.mw.messages.saml.STORKResponse; - -/** - * Interface to be implemented for SAML response verification - * @author bzwattendorfer - * +import eu.stork.mw.messages.saml.STORKResponse;
+
+/**
+ * Interface to be implemented for SAML response verification
+ * @author bzwattendorfer
+ *
*/
public interface ResponseVerifier {
- - /** - * Verifies a STORK response - * @param response STORK response - * @throws SecurityException +
+ /**
+ * Verifies a STORK response
+ * @param response STORK response
+ * @throws SecurityException
*/
public void verify(STORKResponse response) throws SecurityException;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java index ff30919bc..5dc615b6c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java @@ -1,3 +1,25 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
/**
*
*/
@@ -6,20 +28,15 @@ package at.gv.egovernment.moa.id.auth.stork; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.commons.lang.StringUtils;
import org.apache.velocity.app.VelocityEngine;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
import org.opensaml.saml2.metadata.AssertionConsumerService;
import org.opensaml.saml2.metadata.Endpoint;
-import org.opensaml.saml2.metadata.RequestedAttribute;
import org.opensaml.ws.transport.http.HTTPOutTransport;
import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
import org.opensaml.xml.security.credential.Credential;
-import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.logging.Logger;
import eu.stork.mw.messages.saml.STORKAuthnRequest;
import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java index 5b737603b..a91e1bc5a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java @@ -1,3 +1,25 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
/**
*
*/
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index c98ca87b9..37c9376ae 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -1,29 +1,42 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
/**
*
*/
package at.gv.egovernment.moa.id.auth.stork;
-import iaik.x509.X509Certificate;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
import java.util.List;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.QName;
-import javax.xml.transform.TransformerException;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.saml2.metadata.SurName;
import org.opensaml.ws.transport.http.HTTPInTransport;
import org.opensaml.ws.transport.http.HTTPOutTransport;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
@@ -36,17 +49,16 @@ import org.opensaml.xml.util.XMLHelper; import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
-import at.gv.egovernment.moa.id.ParseException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.StringUtils;
import eu.stork.mw.messages.saml.STORKResponse;
@@ -361,6 +373,9 @@ public class STORKResponseProcessor { } catch (ParseException e) {
Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
throw new STORKException("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ } catch (at.gv.egovernment.moa.id.client.SZRGWClientException e) {
+ Logger.error("Error connecting SZR-Gateway: ", e);
+ throw new STORKException("Error connecting SZR-Gateway: ", e);
}
return identityLink;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java index 29478718f..b923727f9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java @@ -1,48 +1,70 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * The Austrian STORK Modules have been developed by the E-Government - * Innovation Center EGIZ, a joint initiative of the Federal Chancellery - * Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * The Austrian STORK Modules have been developed by the E-Government
+ * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
+ * Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
/**
*
*/
package at.gv.egovernment.moa.id.auth.stork;
-import org.apache.velocity.app.VelocityEngine; -import org.apache.velocity.runtime.RuntimeConstants; +import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
/**
- * Gets a Velocity Engine - * + * Gets a Velocity Engine
+ *
* @author bzwattendorfer
*
*/
public class VelocityProvider {
- - /** - * Gets velocityEngine from Classpath - * @return VelocityEngine - * @throws Exception +
+ /**
+ * Gets velocityEngine from Classpath
+ * @return VelocityEngine
+ * @throws Exception
*/
public static VelocityEngine getClassPathVelocityEngine() throws Exception {
VelocityEngine velocityEngine = getBaseVelocityEngine();
@@ -54,12 +76,12 @@ public class VelocityProvider { return velocityEngine;
}
- - /** - * Gets VelocityEngine from File - * @param rootPath File Path to template file - * @return VelocityEngine - * @throws Exception +
+ /**
+ * Gets VelocityEngine from File
+ * @param rootPath File Path to template file
+ * @return VelocityEngine
+ * @throws Exception
*/
public static VelocityEngine getFileVelocityEngine(String rootPath) throws Exception {
VelocityEngine velocityEngine = getBaseVelocityEngine();
@@ -72,10 +94,10 @@ public class VelocityProvider { return velocityEngine;
}
- - /** - * Gets a basic VelocityEngine - * @return VelocityEngine +
+ /**
+ * Gets a basic VelocityEngine
+ * @return VelocityEngine
*/
private static VelocityEngine getBaseVelocityEngine() {
VelocityEngine velocityEngine = new VelocityEngine();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index b2ef2d000..5471c03f5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -40,6 +62,7 @@ import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; +import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; @@ -142,7 +165,7 @@ public class CreateXMLSignatureResponseValidator { int offset = 0; // check number of SAML aatributes - List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); + List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); int extendedSAMLAttributesNum = 0; if (extendedSAMLAttributes != null) { extendedSAMLAttributesNum = extendedSAMLAttributes.size(); @@ -261,7 +284,7 @@ public class CreateXMLSignatureResponseValidator { if (!samlAttribute.getName().equals("SpecialText")) { throw new ValidateException( "validator.37", - new Object[] {samlAttribute.getName(), "SpecialText", String.valueOf(3)}); + new Object[] {samlAttribute.getName(), "SpecialText", String.valueOf(4)}); } if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) { String samlSpecialText = (String)samlAttribute.getValue(); @@ -284,10 +307,29 @@ public class CreateXMLSignatureResponseValidator { throw new ValidateException("validator.35", null); } + + //check unique AuthBlock tokken + samlAttribute = samlAttributes[4 + offset]; + if (!samlAttribute.getName().equals("UniqueTokken")) { + throw new ValidateException( + "validator.37", + new Object[] {samlAttribute.getName(), "UniqueTokken", String.valueOf(5)}); + } + if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) { + String uniquetokken = (String)samlAttribute.getValue(); + + if (!uniquetokken.equals(session.getAuthBlockTokken())) { + throw new ValidateException("validator.70", new Object[] {uniquetokken, session.getAuthBlockTokken()}); + } + } else { + throw new ValidateException("validator.35", null); + } + + // now check the extended SAML attributes int i = AuthenticationBlockAssertionBuilder.NUM_OF_SAML_ATTRIBUTES + offset; if (extendedSAMLAttributes != null) { - Iterator it = extendedSAMLAttributes.iterator(); + Iterator<ExtendedSAMLAttribute> it = extendedSAMLAttributes.iterator(); while (it.hasNext()) { ExtendedSAMLAttribute extendedSAMLAttribute = (ExtendedSAMLAttribute)it.next(); samlAttribute = samlAttributes[i]; @@ -405,12 +447,12 @@ public class CreateXMLSignatureResponseValidator { SAMLAttribute[] samlAttributes = createXMLSignatureResponse.getSamlAttributes(); boolean foundOA = false; - boolean foundGB = false; - boolean foundWBPK = false; +// boolean foundGB = false; +// boolean foundWBPK = false; int offset = 0; // check number of SAML aatributes - List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); + List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); int extendedSAMLAttributesNum = 0; if (extendedSAMLAttributes != null) { extendedSAMLAttributesNum = extendedSAMLAttributes.size(); @@ -470,7 +512,7 @@ public class CreateXMLSignatureResponseValidator { if (!samlAttribute.getName().equals("SpecialText")) { throw new ValidateException( "validator.37", - new Object[] {samlAttribute.getName(), "SpecialText", String.valueOf(3)}); + new Object[] {samlAttribute.getName(), "SpecialText", String.valueOf(4)}); } if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) { String samlSpecialText = (String)samlAttribute.getValue(); @@ -494,10 +536,28 @@ public class CreateXMLSignatureResponseValidator { throw new ValidateException("validator.35", null); } + //check unique AuthBlock tokken + samlAttribute = samlAttributes[3 + offset]; + if (!samlAttribute.getName().equals("UniqueTokken")) { + throw new ValidateException( + "validator.37", + new Object[] {samlAttribute.getName(), "UniqueTokken", String.valueOf(5)}); + } + if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) { + String uniquetokken = (String)samlAttribute.getValue(); + + if (!uniquetokken.equals(session.getAuthBlockTokken())) { + throw new ValidateException("validator.70", new Object[] {uniquetokken, session.getAuthBlockTokken()}); + } + } else { + throw new ValidateException("validator.35", null); + } + + // now check the extended SAML attributes int i = AuthenticationBlockAssertionBuilder.NUM_OF_SAML_ATTRIBUTES_SSO + offset; if (extendedSAMLAttributes != null) { - Iterator it = extendedSAMLAttributes.iterator(); + Iterator<ExtendedSAMLAttribute> it = extendedSAMLAttributes.iterator(); while (it.hasNext()) { ExtendedSAMLAttribute extendedSAMLAttribute = (ExtendedSAMLAttribute)it.next(); samlAttribute = samlAttributes[i]; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java index a4b98c4c8..fa6486afe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -28,6 +50,7 @@ import org.w3c.dom.Element; import org.w3c.dom.NodeList; import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.XPathUtils; @@ -70,25 +93,25 @@ public class IdentityLinkValidator implements Constants { /** Xpath expression to the SAML:Attribute element */ private static final String ATTRIBUTE_XPATH = ROOT + SAML + "AttributeStatement/" + SAML + "Attribute"; - /** Xpath expression to the SAML:AttributeName attribute */ - private static final String ATTRIBUTE_NAME_XPATH = - ROOT + SAML + "AttributeStatement/" + SAML + "Attribute/@AttributeName"; - /** Xpath expression to the SAML:AttributeNamespace attribute */ - private static final String ATTRIBUTE_NAMESPACE_XPATH = - ROOT - + SAML - + "AttributeStatement/" - + SAML - + "Attribute/@AttributeNamespace"; - /** Xpath expression to the SAML:AttributeValue element */ - private static final String ATTRIBUTE_VALUE_XPATH = - ROOT - + SAML - + "AttributeStatement/" - + SAML - + "Attribute/" - + SAML - + "AttributeValue"; +// /** Xpath expression to the SAML:AttributeName attribute */ +// private static final String ATTRIBUTE_NAME_XPATH = +// ROOT + SAML + "AttributeStatement/" + SAML + "Attribute/@AttributeName"; +// /** Xpath expression to the SAML:AttributeNamespace attribute */ +// private static final String ATTRIBUTE_NAMESPACE_XPATH = +// ROOT +// + SAML +// + "AttributeStatement/" +// + SAML +// + "Attribute/@AttributeNamespace"; +// /** Xpath expression to the SAML:AttributeValue element */ +// private static final String ATTRIBUTE_VALUE_XPATH = +// ROOT +// + SAML +// + "AttributeStatement/" +// + SAML +// + "Attribute/" +// + SAML +// + "AttributeValue"; /** Singleton instance. <code>null</code>, if none has been created. */ private static IdentityLinkValidator instance; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/InfoboxValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/InfoboxValidator.java index 7d951d65f..e6e2539c9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/InfoboxValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/InfoboxValidator.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -30,6 +52,7 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult; import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; +import at.gv.egovernment.moa.id.auth.exception.ValidateException; /** * Validates an InfoboxReadResponse. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index ed826c615..0d39a4bc5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java @@ -1,3 +1,25 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal @@ -35,9 +57,9 @@ import java.security.interfaces.RSAPublicKey; import java.util.List; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; @@ -123,7 +145,7 @@ public class VerifyXMLSignatureResponseValidator { throw new ValidateException("validator.50", null); } } - + //Check whether the returned X509 SubjectName is in the MOA-ID configuration or not if (identityLinkSignersSubjectDNNames != null) { String subjectDN = ""; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessor.java deleted file mode 100644 index c8020cda4..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessor.java +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.validator.parep;
-
-import java.util.Map; - -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateRequest; -import at.gv.egovernment.moa.id.auth.validator.parep.config.ParepConfiguration; -
-/**
- * Input processor for infobox validators.
- */
-public interface ParepInputProcessor {
-
- /**
- * Initialize user input processing. This function must initialize the
- * processor to remember its state. Fixed values for the current authentication
- * session are set here.
- *
- * @param representationID The id of the provided standardized mandate
- * @param parepConfiguration The configuration of the party representation validator
- * @param rpFamilyName The family name of the representative
- * @param rpGivenName
- * @param rpDateOfBirth
- * @param request CreateMandateRequest containing the representative and the mandator
- */
-
- public void initialize(
- String representationID, ParepConfiguration parepConfiguration,
- String rpFamilyName, String rpGivenName, String rpDateOfBirth,
- CreateMandateRequest request);
-
- /**
- * Starting point of user input processing. This function must initialize the
- * processor and remember its state.
- *
- * @param physical Is person a physical person selected
- * @param familyName The family name of the mandator
- * @param givenName
- * @param dateOfBirth
- * @param streetName The address of the physical person
- * @param buildingNumber
- * @param unit
- * @param postalCode
- * @param municipality
- * @param cbFullName
- * @param cbIdentificationType
- * @param cbIdentificationValue
- * @return The initial user input form
- */
- public String start(
- boolean physical, String familyName, String givenName, String dateOfBirth,
- String streetName, String buildingNumber, String unit, String postalCode, String municipality,
- String cbFullName, String cbIdentificationType, String cbIdentificationValue);
-
- /**
- * Validation after the user submitted form
- *
- * @param parameters Returned input field values
- * @param extErrortext Error text from SZR-gateway to throw error page or form to correct user input data
- * @return User input form if needed, or empty form if everything is ok with the user input. Returns null on error.
- */
- public String validate(Map parameters, String extErrortext);
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java deleted file mode 100644 index a154c9ece..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java +++ /dev/null @@ -1,337 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -/**
- *
- */
-package at.gv.egovernment.moa.id.auth.validator.parep;
-
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.InputStream;
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateRequest;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
-import at.gv.egovernment.moa.id.auth.validator.parep.config.ParepConfiguration;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Implements the standard party representation infobox validator input processor
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- *
- */
-public class ParepInputProcessorImpl implements ParepInputProcessor{
-
- /** the requested representation ID (currently * or OID) */
- private String representationID;
-
- /** contains the configuration of the owning validator */
- private ParepConfiguration parepConfiguration;
-
- /** Family name of the representative */
- private String rpFamilyName;
-
- /** Given name of the representative */
- private String rpGivenName;
-
- /** The representatives date of birth */
- private String rpDateOfBirth;
-
- /** The current CreateMandateRequest to the SZR-gateway */
- private CreateMandateRequest request;
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessor#initialize(String, ParepConfiguration, String, String, String, CreateMandateRequest)
- */
- public void initialize(
- String representationID, ParepConfiguration parepConfiguration,
- String rpFamilyName, String rpGivenName, String rpDateOfBirth,
- CreateMandateRequest request)
- {
- // Initialization
- this.representationID = representationID;
- this.parepConfiguration = parepConfiguration;
- this.rpFamilyName = rpFamilyName;
- this.rpGivenName = rpGivenName;
- this.rpDateOfBirth = rpDateOfBirth;
- this.request = request;
- } - -public String start(boolean physical, String familyName, String givenName, - String dateOfBirth, String streetName, String buildingNumber, - String unit, String postalCode, String municipality, String cbFullName, - String cbIdentificationType, String cbIdentificationValue) { - // TODO Auto-generated method stub - return null; -} - -public String validate(Map parameters, String extErrortext) { - // TODO Auto-generated method stub - return null; -}
- - //TODO: check correctness
-// /*
-// * (non-Javadoc)
-// *
-// * @see at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessor#start(boolean, String, String, String, String, String, String, String, String, String, String, String)
-// */
-// public String start(
-// boolean physical, String familyName, String givenName, String dateOfBirth,
-// String streetName, String buildingNumber, String unit, String postalCode, String municipality,
-// String cbFullName, String cbIdentificationType, String cbIdentificationValue)
-// {
-// // Load the form
-// String form = loadForm(
-// physical, familyName, givenName, dateOfBirth,
-// streetName, buildingNumber, unit, postalCode, municipality,
-// cbFullName, cbIdentificationType, cbIdentificationValue, "");
-// try {
-// request.setMandator(familyName, givenName, dateOfBirth, postalCode, municipality, streetName, buildingNumber, unit, physical, cbFullName,
-// cbIdentificationType, cbIdentificationValue);
-// } catch (SZRGWClientException e) {
-// //e.printStackTrace();
-// Logger.info(e);
-// return null;
-// }
-// return form;
-// }
-//
-// /*
-// * (non-Javadoc)
-// *
-// * @see at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessor#validate(Map, String)
-// */
-// public String validate(Map parameters, String extErrortext)
-// {
-//
-// // Process the gotten parameters
-// String form = null;
-// boolean formNecessary = false;
-// if (!ParepUtils.isEmpty(extErrortext)) formNecessary = true;
-// String locErrortext = "Folgende Parameter fehlen: ";
-//
-// String familyName = (String) parameters.get("familyname_");
-// if (null == familyName) familyName ="";
-// String givenName = (String) parameters.get("givenname_");
-// if (null == givenName) givenName ="";
-// boolean physical = "true".equals(parameters.get("physical_"));
-// String dobday = (String) parameters.get("dobday_");
-// if (null!=dobday && dobday.equalsIgnoreCase("TT")) dobday="";
-// String dobmonth = (String) parameters.get("dobmonth_");
-// if (null!=dobmonth && dobmonth.equalsIgnoreCase("MM")) dobmonth="";
-// String dobyear = (String) parameters.get("dobyear_");
-// if (null!=dobyear && dobyear.equalsIgnoreCase("JJJJ")) dobyear="";
-// String dateOfBirth = "";
-// dobyear = (" ".substring(0, 4-dobyear.length()) + dobyear);
-// dobmonth = (" ".substring(0, 2-dobmonth.length()) + dobmonth);
-// dobday = (" ".substring(0, 2-dobday.length()) + dobday);
-// dateOfBirth = dobyear + "-" + dobmonth + "-" + dobday;
-// String cbFullName = (String) parameters.get("fullname_");
-// if (null == cbFullName) cbFullName ="";
-// String cbIdentificationType = (String) parameters.get("cbidentificationtype_");
-// if (null == cbIdentificationType) cbIdentificationType ="";
-// String cbIdentificationValue = (String) parameters.get("cbidentificationvalue_");
-// if (null == cbIdentificationValue) cbIdentificationValue ="";
-// String postalCode = (String) parameters.get("postalcode_");
-// if (null == postalCode) postalCode ="";
-// String municipality = (String) parameters.get("municipality_");
-// if (null == municipality) municipality ="";
-// String streetName = (String) parameters.get("streetname_");
-// if (null == streetName) streetName ="";
-// String buildingNumber = (String) parameters.get("buildingnumber_");
-// if (null == buildingNumber) buildingNumber ="";
-// String unit = (String) parameters.get("unit_");
-// if (null == unit) unit ="";
-//
-// if (physical) {
-// if (ParepUtils.isEmpty(familyName)) {
-// formNecessary = true;
-// locErrortext = locErrortext + "Familienname";
-// }
-// if (ParepUtils.isEmpty(givenName)) {
-// formNecessary = true;
-// if (!locErrortext.endsWith(": ")) locErrortext = locErrortext + ", ";
-// locErrortext = locErrortext + "Vorname";
-// }
-// // Auf existierendes Datum prüfen
-// SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd");
-// format.setLenient(false); // Wir wollen keine künstliche Pareserintelligenz, nur Datum prüfen
-// try {
-// format.parse(dateOfBirth);
-// }
-// catch(ParseException pe)
-// {
-// formNecessary = true;
-// if (!locErrortext.endsWith("fehlen: ")) locErrortext = locErrortext + ", ";
-// locErrortext = locErrortext + "korrektes Geburtsdatum";
-// }
-// } else {
-// if (ParepUtils.isEmpty(cbFullName) || ParepUtils.isEmpty(cbIdentificationType) || ParepUtils.isEmpty(cbIdentificationValue)) {
-// formNecessary = true;
-// if (ParepUtils.isEmpty(cbFullName)) {
-// locErrortext = locErrortext + "Name der Organisation";
-// }
-// if (ParepUtils.isEmpty(cbIdentificationType)) {
-// if (!locErrortext.endsWith("fehlen: ")) locErrortext = locErrortext + ", ";
-// locErrortext = locErrortext + "Auswahl des Registers";
-// }
-// if (ParepUtils.isEmpty(cbIdentificationValue)) {
-// if (!locErrortext.endsWith("fehlen: ")) locErrortext = locErrortext + ", ";
-// locErrortext = locErrortext + "Ordnungsnummer im ausgewählten Register";
-// }
-// }
-// }
-// try {
-// request.setMandator(familyName, givenName, dateOfBirth, postalCode, municipality, streetName, buildingNumber, unit, physical, cbFullName,
-// cbIdentificationType, cbIdentificationValue);
-// if (formNecessary) {
-// // Daten noch nicht vollständig oder anderer Fehler
-// if (locErrortext.endsWith("fehlen: ")) locErrortext ="";
-// String error = "";
-// if (!ParepUtils.isEmpty(extErrortext)) {
-// error = extErrortext;
-// if (!ParepUtils.isEmpty(locErrortext)) error = error + "; ";
-// }
-// if (!ParepUtils.isEmpty(locErrortext)) error = error + locErrortext;
-// if (!ParepUtils.isEmpty(error)) {
-// error = "<div class=\"errortext\"> <img alt=\"Rufezeichen\" src=\"img/rufezeichen.gif\" width=\"10\" height=\"16\" /> " + error + "</div>";
-// }
-// form = loadForm(physical, familyName, givenName, dateOfBirth, streetName, buildingNumber, unit, postalCode, municipality, cbFullName, cbIdentificationType, cbIdentificationValue, error);
-// if (form == null) {
-// return null;
-// }
-// } else {
-// return ""; // everything is ok
-// }
-// } catch (Exception e) {
-// //e.printStackTrace();
-// Logger.info(e);
-// return null;
-// }
-// return form;
-// }
-//
-// /**
-// * Loads the empty user input form and replaces tag occurences with given variables
-// *
-// * @param physical
-// * @param familyName
-// * @param givenName
-// * @param dateOfBirth
-// * @param streetName
-// * @param buildingNumber
-// * @param unit
-// * @param postalCode
-// * @param municipality
-// * @param cbFullName
-// * @param cbIdentificationType
-// * @param cbIdentificationValue
-// * @param errorText
-// * @return
-// */
-// private String loadForm(
-// boolean physical, String familyName, String givenName, String dateOfBirth,
-// String streetName, String buildingNumber, String unit, String postalCode, String municipality,
-// String cbFullName, String cbIdentificationType, String cbIdentificationValue, String errorText)
-// {
-// String form = "";
-// try {
-// String fileName = parepConfiguration.getInputProcessorTemplate(representationID);
-// InputStream instream = null;
-// File file = new File(fileName);
-// if (file.exists()) {
-// //if this resolves to a file, load it
-// instream = new FileInputStream(fileName);
-// } else {
-// fileName = parepConfiguration.getFullDirectoryName(fileName);
-// if (fileName.startsWith("file:\\")) fileName = fileName.substring(6);
-// file = new File(fileName);
-// if (file.exists()) {
-// //if this resolves to a file, load it
-// instream = new FileInputStream(fileName);
-// } else {
-// //else load a named resource in our classloader.
-// instream = this.getClass().getResourceAsStream(parepConfiguration.getInputProcessorTemplate(representationID));
-// if (instream == null) {
-// Logger.error("Form Prozessor Input Template \"" + fileName + "\" fehlt");
-// return null;
-// }
-// }
-// }
-// ByteArrayOutputStream bos = new ByteArrayOutputStream();
-// ParepUtils.dumpInputOutputStream(instream, bos);
-// form = bos.toString("UTF-8");
-// } catch(Exception e) {
-// Logger.error("Fehler beim Einlesen des Input-Templates.", e);
-// }
-//
-// if (!ParepUtils.isEmpty(form)) {
-// boolean cbEnabled = parepConfiguration.isRepresentingCorporateParty(representationID);
-// boolean physEnabled = parepConfiguration.isRepresentingPhysicalParty(representationID);
-// boolean reducedSelection = (!physEnabled || !cbEnabled);
-// if (reducedSelection) {
-// physical = !cbEnabled;//wird somit umgesetzt falls jur. Person nicht vetretbar
-// }
-// if (ParepUtils.isEmpty(dateOfBirth)) dateOfBirth = "JJJJ-MM-TT";
-// form = ParepUtils.replaceAll(form, "<rpgivenname>", rpGivenName);
-// form = ParepUtils.replaceAll(form, "<rpfamilyname>", rpFamilyName);
-// form = ParepUtils.replaceAll(form, "<rpdobyear>", rpDateOfBirth.substring(0,4));
-// form = ParepUtils.replaceAll(form, "<rpdobmonth>", rpDateOfBirth.substring(5,7));
-// form = ParepUtils.replaceAll(form, "<rpdobday>", rpDateOfBirth.substring(8,10));
-// //darf zw. phys. und jur. Person gewählt werden:
-// //form = replaceAll(form, "seldisabled=\"\"", reducedSelection ? "disabled=\"true\"" : "");
-// form = ParepUtils.replaceAll(form, "physdisabled=\"\"", physEnabled ? "" : "disabled=\"true\"");
-// form = ParepUtils.replaceAll(form, "physselected=\"\"", physical ? "checked=\"checked\"" : "");
-// form = ParepUtils.replaceAll(form, "<givenname>", givenName);
-// form = ParepUtils.replaceAll(form, "<familyname>", familyName);
-// form = ParepUtils.replaceAll(form, "<dobyear>", dateOfBirth.substring(0,4).trim());
-// form = ParepUtils.replaceAll(form, "<dobmonth>", dateOfBirth.substring(5,7).trim());
-// form = ParepUtils.replaceAll(form, "<dobday>", dateOfBirth.substring(8,10).trim());
-// form = ParepUtils.replaceAll(form, "<streetname>", streetName);
-// form = ParepUtils.replaceAll(form, "<buildingnumber>", buildingNumber);
-// form = ParepUtils.replaceAll(form, "<unit>", unit);
-// form = ParepUtils.replaceAll(form, "<postalcode>", postalCode);
-// form = ParepUtils.replaceAll(form, "<municipality>", municipality);
-// form = ParepUtils.replaceAll(form, "cbdisabled=\"\"", cbEnabled ? "" : "disabled=\"true\"");
-// form = ParepUtils.replaceAll(form, "<fullname>", cbFullName);
-// form = ParepUtils.replaceAll(form, "cbseldisabled=\"\"", cbEnabled ? "" : "disabled=\"disabled\"");
-// form = ParepUtils.replaceAll(form, "cbselected=\"\"", physical ? "" : "checked=\"checked\"");
-// form = ParepUtils.replaceAll(form, "fnselected=\"\"", cbIdentificationType.equals("urn:publicid:gv.at:baseid+XFN") ? "selected=\"selected\"" : "");
-// form = ParepUtils.replaceAll(form, "vrselected=\"\"", cbIdentificationType.equals("urn:publicid:gv.at:baseid+XVR") ? "selected=\"selected\"" : "");
-// form = ParepUtils.replaceAll(form, "ersbselected=\"\"", cbIdentificationType.equals("urn:publicid:gv.at:baseid+XERSB") ? "selected=\"selected\"" : "");
-// form = ParepUtils.replaceAll(form, "<cbidentificationvalue>", cbIdentificationValue);
-// form = ParepUtils.replaceAll(form, "<errortext>", errorText);
-// }
-// return form;
-// }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java index ab7a134c8..5483b865e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java @@ -1,58 +1,80 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.validator.parep;
-import java.io.File; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.OutputStreamWriter; - -import javax.xml.parsers.DocumentBuilderFactory; - -import org.apache.xml.serialize.OutputFormat; -import org.apache.xml.serialize.XMLSerializer; -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.validator.ValidateException; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.BoolUtils; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.StringUtils; +import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+
+import javax.xml.parsers.DocumentBuilderFactory;
+
+import org.apache.xml.serialize.OutputFormat;
+import org.apache.xml.serialize.XMLSerializer;
+import org.apache.xpath.XPathAPI;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.ParseException;
+import at.gv.egovernment.moa.id.auth.exception.ValidateException;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.BoolUtils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.StringUtils;
/**
* This class implements a set of utility methods.
@@ -253,12 +275,12 @@ public class ParepUtils { try {
Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode");
nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
- - String s = DOMUtils.serializeNode(mandator); +
+ DOMUtils.serializeNode(mandator);
// check if physical person
- Element physicalPerson = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:PhysicalPerson", nameSpaceNode); - + Element physicalPerson = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:PhysicalPerson", nameSpaceNode);
+
// Element physicalPerson = (Element)XPathAPI.selectSingleNode(mandator,
// "descendant-or-self::pr:CorporateBody", nameSpaceNode);
@@ -511,25 +533,25 @@ public class ParepUtils { }
}
- /*
- *
- */
- private static Element extractRepresentative(Element mandate) throws SZRGWClientException {
- try {
- Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
- Element mandator = (Element) XPathAPI.selectSingleNode(mandate, "//md:Representative/child::*[1]", nameSpaceNode);
- String nsPrefix = mandator.getPrefix();
- String nsUri = mandator.getNamespaceURI();
-
- Element mandatorClone = (Element) mandator.cloneNode(true);
- mandatorClone.setAttribute("xmlns:" + nsPrefix, nsUri);
-
- return mandatorClone;
- } catch (Exception e) {
- throw new SZRGWClientException(e);
- }
- }
+// /*
+// *
+// */
+// private static Element extractRepresentative(Element mandate) throws SZRGWClientException {
+// try {
+// Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
+// nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
+// Element mandator = (Element) XPathAPI.selectSingleNode(mandate, "//md:Representative/child::*[1]", nameSpaceNode);
+// String nsPrefix = mandator.getPrefix();
+// String nsUri = mandator.getNamespaceURI();
+//
+// Element mandatorClone = (Element) mandator.cloneNode(true);
+// mandatorClone.setAttribute("xmlns:" + nsPrefix, nsUri);
+//
+// return mandatorClone;
+// } catch (Exception e) {
+// throw new SZRGWClientException(e);
+// }
+// }
/**
* Serializes a XML element to a given output stream.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java deleted file mode 100644 index f2f897432..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java +++ /dev/null @@ -1,643 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.validator.parep;
-
-import java.io.File;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Vector;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
-import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
-import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
-import at.gv.egovernment.moa.id.auth.data.InfoboxToken;
-import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult;
-import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResultImpl;
-import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams;
-import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateRequest;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateResponse;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
-import at.gv.egovernment.moa.id.auth.validator.parep.config.ParepConfiguration;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * This class implements a MOA-ID Infobox Validator for validating
- * a standardized XML mandate using the SZR-gateway.
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner
- */
-public class ParepValidator implements InfoboxValidator { - - public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; - public final static String EXT_SAML_MANDATE_OID = "OID"; - public final static String EXT_SAML_MANDATE_RAW = "Mandate"; - public final static String EXT_SAML_MANDATE_NAME = "MandatorName"; - public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth"; - public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk"; - public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; - public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter"; - public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier"; - - - public InfoboxValidationResult validate(InfoboxValidatorParams params) - throws ValidateException { - // TODO Auto-generated method stub - return null; - } - - public InfoboxValidationResult validate(Map parameters) - throws ValidateException { - // TODO Auto-generated method stub - return null; - } - - public InfoboxValidationResult validate(Element samlAssertion) - throws ValidateException { - // TODO Auto-generated method stub - return null; - } - - public String getForm() { - // TODO Auto-generated method stub - return null; - }
- - - //TODO: check correctness!!!!
-// /** activates debug settings */
-// private boolean PAREP_DEBUG = false;
-//
-// /** contains the parameters the validator initially was called with */
-// private InfoboxValidatorParams params = null;
-//
-// /** contains the configuration of the validator */
-// private ParepConfiguration parepConfiguration = null;
-//
-// /** the requested representation ID (currently * or OID) */
-// private String representationID = null;
-//
-// /** holds the information of the SZR-request */
-// private CreateMandateRequest request = null;
-//
-// /** List of extended SAML attributes. */
-// private Vector extendedSamlAttributes = new Vector();
-//
-// /** the class which processes the user input */
-// private ParepInputProcessor inputProcessor = null;
-//
-// /** The form if user input is necessary */
-// private String form = null;
-//
-// /** unspecified error of parep-validator (must not know more about)*/
-// private final static String COMMON_ERROR = "Es ist ein Fehler bei der �berpr�fung f�r berufsm��ige Parteienvetretung aufgetreten";
-//
-// /** Default class to gather remaining mandator data. */
-// public final static String PAREP_INPUT_PROCESSOR = "at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessorImpl";
-//
-// /** Default template to gather remaining mandator data. */
-// public final static String PAREP_INPUT_TEMPLATE = "/resources/templates/ParepMinTemplate.html";
-//
-// /** kind of representation text in AUTH block*/
-// public final static String STANDARD_REPRESENTATION_TEXT = "berufsm��ige(r) Parteienvertreter(in)";
-//
-// /** Names of the produced SAML-attributes. */
-// public final static String EXT_SAML_MANDATE_RAW = "Mandate";
-// public final static String EXT_SAML_MANDATE_NAME = "MandatorName";
-// public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth";
-// public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk";
-// public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; -// public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; -// public final static String EXT_SAML_MANDATE_OID = "OID"; -// -// /** */ -// public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter";
-//
-// /** register and register number for non physical persons - the domain identifier for business applications*/
-// public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier";
-//
-// /**
-// * Parses the XML configuration element and creates the validators configuration
-// * Use this function if you want to preconfigure the validator.
-// *
-// * @param configElem
-// * the XML configuration element to parse.
-// * @throws ConfigurationException
-// * if an error occurs during the configuration process
-// */
-// public void Configure(Element configElem) throws ConfigurationException {
-// if (this.parepConfiguration == null) {
-// Logger.debug("Lade Konfiguration.");
-// parepConfiguration = new ParepConfiguration(configElem);
-// Logger.debug("Konfiguration erfolgreich geladen.");
-// }
-// }
-//
-// /*
-// * (non-Javadoc)
-// *
-// * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams)
-// */
-// public InfoboxValidationResult validate(InfoboxValidatorParams params) throws ValidateException {
-//
-// InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
-//
-// try {
-// Logger.debug("Starte Organwalter-/berufsmäßige Parteienvertreterprüfung.");
-// this.params = params;
-//
-// Element mandate = extractPrimaryToken(this.params.getInfoboxTokenList());
-// // ParepUtils.serializeElement(mandate, System.out);
-// this.representationID = ParepUtils.extractRepresentativeID(mandate);
-// if (ParepUtils.isEmpty(representationID)) {
-// validationResult.setErrorMessage("Fehlende oder falsche MandateID in standardisierter Vollmacht");
-// return validationResult;
-// }
-//
-// // überprüfen der Identifikation (Type/Value).
-// String identificationType = this.params.getIdentificationType();
-// String identificationValue = this.params.getIdentificationValue();
-// if (this.params.getBusinessApplication()) {
-// if (representationID.startsWith(MOAIDAuthConstants.PARTY_ORGAN_REPRESENTATION_OID_NUMBER)) {
-// validationResult.setErrorMessage("Eine Vertretung durch Organwalter im privatwirtschaftlichen Bereich ist nicht vorgesehen.");
-// return validationResult;
-//
-// } else {
-// Logger.debug("Parteienvertreter wird mit wbPK identifiziert");
-// }
-// } else {
-// if (representationID.startsWith(MOAIDAuthConstants.PARTY_ORGAN_REPRESENTATION_OID_NUMBER)) {
-// //Für Organwalter wird die Stammzahl zur Berechnung der Organwalter-bPK benötigt
-// if (!Constants.URN_PREFIX_BASEID.equals(this.params.getIdentificationType())) {
-// Logger.error("Für eine Vertretung durch Organwalter ist es notwendig dessen Stammzahl an das Stammzahlenregister-Gateway zu �bermitteln. In der MOA-ID Konfiguration muss die �bermittlung Stammzahl aktiviert sein.");
-// validationResult.setErrorMessage("Die standardisierte Vollmacht wird von diesem Server nicht akzeptiert.");
-// return validationResult;
-// } else {
-// Logger.debug("Organwalter wird mit Stammzahl identifiziert");
-// }
-// } else {
-// if (Constants.URN_PREFIX_BASEID.equals(this.params.getIdentificationType())) {
-// // bPK berechnen, da dem SZR-Gateway das Target nicht bekannt ist
-// identificationType = Constants.URN_PREFIX_CDID;
-// String bpkBase64 = new BPKBuilder().buildBPK(this.params.getIdentificationValue(), this.params.getTarget());
-// identificationValue = bpkBase64;
-// Logger.debug("bPK für Parteienvertreter wurde berechnet. Parteienvertreter wird mit bPK identifiziert");
-// } else {
-// Logger.debug("Parteienvertreter wird mit bPK identifiziert");
-// }
-// }
-// }
-//
-// Configure(this.params.getApplicationSpecificParams());
-// // check if we have a configured party representative for that
-// if (!parepConfiguration.isPartyRepresentative(representationID)) {
-// Logger.info("Kein berufsmäßiger Parteienvertreter für MandateID \"" + representationID + "\" konfiguriert.");
-// validationResult.setErrorMessage("Die standardisierte Vollmacht wird von diesem Server nicht akzeptiert.");
-// return validationResult;
-// }
-//
-// // Vertreter
-// this.request = new CreateMandateRequest();
-// request.setRepresentative(this.params, identificationType, identificationValue);
-// // ParepUtils.serializeElement(request.getRepresentative(), System.out);
-// //ParepUtils.saveElementToFile(request.getRepresentative(), new File("c:/representative.xml"));
-//
-// Logger.debug("Prüfe vorausgefüllte Daten...");
-// boolean physical = true;
-// String familyName = "";
-// String givenName = "";
-// String dateOfBirth = "";
-// String cbFullName = "";
-// String cbIdentificationType = "";
-// String cbIdentificationValue = "";
-// String postalCode = "";
-// String municipality = "";
-// String streetName = "";
-// String buildingNumber = "";
-// String unit = "";
-//
-// boolean formNecessary = false;
-// // Vertretener (erstes Vorkommen)
-// Element mandator = ParepUtils.extractMandator(mandate);
-// if (mandator != null) {
-// // ParepUtils.serializeElement(mandator, System.out);
-// // ParepUtils.saveElementToFile(mandator, new File("c:/mandator.xml"));
-// if (ParepUtils.isPhysicalPerson(mandator)) {
-// familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()");
-// givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()");
-// dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator);
-// } else {
-// physical = false;
-// cbFullName = ParepUtils.extractMandatorFullName(mandator);
-// cbIdentificationType = ParepUtils.getIdentification(mandator, "Type");
-// cbIdentificationValue = ParepUtils.extractMandatorWbpk(mandator);
-// }
-// postalCode = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:PostalCode/text()");
-// municipality = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:Municipality/text()");
-// streetName = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:StreetName/text()");
-// buildingNumber = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:BuildingNumber/text()");
-// unit = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:Unit/text()");
-//
-// }
-// if (physical) {
-// if (!parepConfiguration.isRepresentingPhysicalParty(representationID)) {
-// validationResult.setErrorMessage("Vertretung von natürlichen Personen für diese standardisierte Vollmacht nicht erlaubt.");
-// return validationResult;
-// }
-// if (ParepUtils.isEmpty(familyName) || ParepUtils.isEmpty(givenName) || ParepUtils.isEmpty(dateOfBirth)) {
-// formNecessary = true;
-// }
-// } else {
-// if (!parepConfiguration.isRepresentingCorporateParty(representationID)) {
-// validationResult.setErrorMessage("Vertretung von juristischen Personen für diese standardisierte Vollmacht nicht erlaubt.");
-// return validationResult;
-// }
-// if (ParepUtils.isEmpty(cbFullName) || ParepUtils.isEmpty(cbIdentificationType) || ParepUtils.isEmpty(cbIdentificationValue)) {
-// formNecessary = true;
-// }
-// }
-//
-// //Zeigen wir, dass die Daten �bernommen wurden:
-// if (parepConfiguration.isAlwaysShowForm()) formNecessary=true;
-//
-// // Input processor
-// this.form = "";
-// if (formNecessary) {
-// ParepInputProcessor inputProcessor= getInputProcessor();
-// this.form = inputProcessor.start(
-// physical, familyName, givenName, dateOfBirth, streetName, buildingNumber, unit, postalCode, municipality,
-// cbFullName, cbIdentificationType, cbIdentificationValue);
-// if (this.form == null) {
-// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
-// return validationResult;
-// }
-// } else {
-// // Request vorbereiten mit vorgegebenen Daten
-// request.setMandator(familyName, givenName, dateOfBirth, postalCode, municipality, streetName, buildingNumber, unit, physical, cbFullName,
-// cbIdentificationType, cbIdentificationValue);
-// }
-//
-//
-// // ParepUtils.serializeElement(request.getMandator(), System.out);
-// // ParepUtils.saveElementToFile(request.getMandator(), new File("c:/mandator.xml"));
-//
-// addAuthBlockExtendedSamlAttributes();
-// validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
-// Logger.debug("�berpr�fung der vertretenen Partei erfolgreich beendet");
-// validationResult.setValid(true);
-// return validationResult;
-// } catch (Exception e) {
-// e.printStackTrace();
-// Logger.info(e);
-// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
-// return validationResult;
-// }
-// }
-//
-// /*
-// * (non-Javadoc)
-// *
-// * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(java.util.Map)
-// */
-// public InfoboxValidationResult validate(Map parameters) throws ValidateException {
-//
-// InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
-// Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung");
-// Logger.debug("Prüfe im Formular ausgefüllte Daten...");
-// if (PAREP_DEBUG) Logger.debug("Got parameters from user input form: " + parameters.toString());
-//
-// // Input processor
-// ParepInputProcessor inputProcessor= getInputProcessor();
-// this.form = inputProcessor.validate(parameters, null);
-// if (this.form == null) {
-// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
-// return validationResult;
-// }
-//
-// addAuthBlockExtendedSamlAttributes();
-// validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
-// validationResult.setValid(true);
-// Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung erfolgreich beendet");
-// return validationResult;
-// }
-//
-// /*
-// * (non-Javadoc)
-// *
-// * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(org.w3c.dom.Element)
-// */
-// public InfoboxValidationResult validate(Element samlAssertion) throws ValidateException {
-//
-// InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
-// Logger.debug("Post processing von Organwalter-/berufsm��ige Parteienvertreterpr�fung");
-// this.form = "";
-// try {
-//
-//
-// request.setSignature(samlAssertion);
-//
-////DPO debug
-//// Element mandate = (ParepUtils.readDocFromIs(new FileInputStream("c:/vertetervollmacht_1.2.40.0.10.3.1_origin-fixed.xml"))).getDocumentElement();
-//// String id = representationID;
-//// CreateMandateResponse response;
-//// if (true) {
-//// if (this.params.getHideStammzahl()) {
-//// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +"_origin.xml"));
-//// // Achtung: Es wird hier nicht spezifikationskonform vorgegangen, damit im Kompatibilit�tsmodus Personendaten ersetzt werden k�nnen.
-//// // W�rden die Stammzahlen gel�scht (geblindet) werden, w�rde der Identifikationswert des Vertretenen g�nzlich fehlen.
-//// // Im Falle einen business Anwendung berechnet MOA-ID nach R�ckkehr das wbPK
-//// ParepUtils.HideStammZahlen(mandate, this.params.getBusinessApplication(), this.params.getTarget(), this.params.getDomainIdentifier(), false);
-//// }
-//// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +".xml"));
-//
-// //ParepUtils.serializeElement(request.toElement(), System.out);
-// if (PAREP_DEBUG) ParepUtils.saveElementToFile(request.toElement(), new File("c:/gwrequest.xml"));
-//
-// // configure szrgw client
-// Logger.debug("Lade SZR-GW Client.");
-// SZRGWClient client = new SZRGWClient();
-// // System.out.println("Parameters: " + cfg.getConnectionParameters());
-// Logger.debug("Initialisiere Verbindung...");
-// ConnectionParameter connectionParameters = parepConfiguration.getConnectionParameters(representationID);
-// // Logger.debug("Connection Parameters: " + connectionParameters);
-// Logger.debug("SZR-GW URL: " + connectionParameters.getUrl());
-// client.setAddress(connectionParameters.getUrl());
-// if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) {
-// Logger.debug("Initialisiere SSL Verbindung");
-// client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters));
-// }
-//
-// Logger.debug("Starte Kommunikation mit dem Stammzahlenregister Gateway...");
-// CreateMandateResponse response;
-// Element requ = request.toElement();
-// try {
-// response = client.createMandateResponse(requ);
-// } catch (SZRGWClientException e) {
-// // give him a second try - Nach dem Starten des Tomcat wird beim ersten Mal das Client-Zertifikat offenbar vom HTTPClient nicht mitgeschickt.
-// client = new SZRGWClient(connectionParameters.getUrl());
-// if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters));
-// response = client.createMandateResponse(requ);
-// }
-// Logger.debug("SZR-Gateway Response Code: " + response.getResultCode()+ " " + response.getInfo()!=null ? response.getInfo():"");
-// if (response.getResultCode()==2000) {
-// if(response.getMandate()==null) {
-// Logger.error("Keine Vollmacht vom SZR-Gateway erhalten");
-// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
-// return validationResult;
-// }
-//
-//
-// //DPO debug output (2lines)
-// String id = representationID;
-// if (id.equals("*")) id="standardisiert";
-//
-// Element mandate = response.getMandate();
-// // Replace Stammzahlen
-// if (PAREP_DEBUG) ParepUtils.saveElementToFile(response.getMandate(), new File("c:/vertetervollmacht_"+ id +"_origin.xml"));
-// if (this.params.getHideStammzahl()) {
-// ParepUtils.HideStammZahlen(mandate, this.params.getBusinessApplication(), this.params.getTarget(), this.params.getDomainIdentifier(), false);
-// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +"_hideStammzahl.xml"));
-// }
-//
-// extendedSamlAttributes.clear();
-// // Vollmacht
-// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_RAW, mandate, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-//
-// validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
-// validationResult.setValid(true);
-// Logger.debug("Post processing von Organwalter-/berufsm��ige Parteienvertreterpr�fung erfolgreich beendet");
-// } else {
-// String errorMsg = "Fehler " + response.getResultCode() + " bei Stammzahlenregister-Gateway Anfrage";
-// String responseInfo = response.getInfo();
-// if (response.getResultCode()>=4000 && response.getResultCode()<4999) {
-// if (!ParepUtils.isEmpty(responseInfo)) errorMsg = errorMsg + ": " + responseInfo;
-// validationResult.setErrorMessage(errorMsg);
-// } else if (response.getResultCode()>=5000 && response.getResultCode()<=5999) {
-// // Person not found
-// ParepInputProcessor inputProcessor= getInputProcessor();
-// switch (response.getResultCode()) {
-// case 5230:
-// errorMsg = "Keine mit den Eingaben übereinstimmende Person vorhanden. Bitte ergänzen/ändern Sie ihre Angaben.";
-// break;
-// case 5231:
-// errorMsg = "Die Person konnte nicht eindeutig identifiziert werden. Es existieren mehrere Personen zu Ihrer Suchanfrage. Bitte ergänzen/ändern Sie ihre Angaben.";
-// break;
-// default:
-// if (!ParepUtils.isEmpty(responseInfo)) errorMsg = errorMsg + ": " + responseInfo;
-// }
-// this.form = inputProcessor.validate(generateParameters(), errorMsg);
-// if (this.form == null) {
-// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
-// return validationResult;
-// }
-// validationResult.setValid(true);
-// } else {
-// // Do not inform the user too much
-// Logger.error(errorMsg);
-// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
-// }
-//
-// }
-// return validationResult;
-// } catch (Exception e) {
-// e.printStackTrace();
-// Logger.info(e);
-// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
-// return validationResult;
-// }
-// }
-//
-// /**
-// * provides the primary infobox token of the given list.
-// *
-// * @param infoBoxTokens
-// * the list of infobox tokens.
-// * @return
-// * the XML element of the primary token.
-// * @throws ValidateException
-// * if an error occurs or list is not suitable.
-// */
-// public static Element extractPrimaryToken(List infoBoxTokens) throws ValidateException {
-// if (infoBoxTokens == null || infoBoxTokens.size() == 0) {
-// throw new ValidateException("validator.62", null);
-// }
-// for (int i = 0; i < infoBoxTokens.size(); i++) {
-// InfoboxToken token = (InfoboxToken) infoBoxTokens.get(i);
-// if (token.isPrimary()) {
-// return token.getXMLToken();
-// }
-// }
-// throw new ValidateException("validator.62", null);
-// }
-//
-// /*
-// * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#getExtendedSamlAttributes()
-// */
-// public ExtendedSAMLAttribute[] getExtendedSamlAttributes() {
-// ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes.size()];
-// extendedSamlAttributes.copyInto(ret);
-// Logger.debug("ParepValidator ExtendedSAML Attributes: " + ret.length);
-// return ret;
-// }
-//
-//
-// /**
-// * @return The next pending user input form, which is "" if no form is to be shown, and null on errors.
-// */
-// public String getForm() {
-// return this.form;
-// }
-//
-// /**
-// * Gets the user form input processor (class) assigned to the current party representative
-// * If the method is called for the first time it initializes the input processor.
-// *
-// * @return The user form input processor
-// */
-// private ParepInputProcessor getInputProcessor() {
-//
-// if (this.inputProcessor!=null) return inputProcessor;
-// String inputProcessorName = parepConfiguration.getInputProcessorClass(representationID);
-// ParepInputProcessor inputProcessor = null;
-// try {
-// Class inputProcessorClass = Class.forName(inputProcessorName);
-// inputProcessor= (ParepInputProcessor) inputProcessorClass.newInstance();
-// inputProcessor.initialize(representationID, parepConfiguration, this.params.getFamilyName(), this.params.getGivenName(), this.params.getDateOfBirth(), request);
-// } catch (Exception e) {
-// Logger.error("Could not load input processor class \"" + inputProcessorName + "\": " + e.getMessage());
-// }
-// this.inputProcessor = inputProcessor;
-// return inputProcessor;
-// }
-//
-// /**
-// * Generates the parameter list, which is needed to simulate a return from
-// * an user form.
-// *
-// * @return the form parameters
-// */
-// private Map generateParameters() {
-// Map parameters = new HashMap();
-// boolean physical = true;
-// String familyName = "";
-// String givenName = "";
-// String dateOfBirth = "";
-// String cbFullName = "";
-// String cbIdentificationType = "";
-// String cbIdentificationValue = "";
-// String postalCode = "";
-// String municipality = "";
-// String streetName = "";
-// String buildingNumber = "";
-// String unit = "";
-//
-// try {
-// // Vertretener (erstes Vorkommen)
-// Element mandator = request.getMandator();
-// if (mandator != null) {
-// if (ParepUtils.isPhysicalPerson(mandator)) {
-// familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()");
-// givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()");
-// dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator);
-// } else {
-// physical = false;
-// cbFullName = ParepUtils.extractMandatorFullName(mandator);
-// cbIdentificationType = ParepUtils.getIdentification(mandator, "Type");
-// cbIdentificationValue = ParepUtils.extractMandatorWbpk(mandator);
-// }
-// postalCode = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:PostalCode/text()");
-// municipality = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:Municipality/text()");
-// streetName = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:StreetName/text()");
-// buildingNumber = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:BuildingNumber/text()");
-// unit = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:Unit/text()");
-// }
-// } catch (Exception e) {
-// Logger.error("Could not extract Mandator form SZR-gateway request");
-// }
-// parameters.put("familyname_", familyName);
-// parameters.put("givenname_", givenName);
-// parameters.put("dateofbirth_", dateOfBirth);
-// parameters.put("dobyear_", dateOfBirth.substring(0,4));
-// parameters.put("dobmonth_", dateOfBirth.substring(5,7));
-// parameters.put("dobday_", dateOfBirth.substring(8,10));
-// parameters.put("physical_", physical ? "true" : "false");
-// parameters.put("fullname_", cbFullName);
-// parameters.put("cbidentificationtype_", cbIdentificationType);
-// parameters.put("cbidentificationvalue_", cbIdentificationValue);
-// parameters.put("postalcode_", postalCode);
-// parameters.put("municipality_", municipality);
-// parameters.put("streetname_", streetName);
-// parameters.put("buildingnumber_", buildingNumber);
-// parameters.put("unit_", unit);
-// return parameters;
-// }
-//
-// /**
-// * Adds the AUTH block related SAML attributes to the validation result.
-// * This is needed always before the AUTH block is to be signed, because the
-// * name of the mandator has to be set
-// */
-// private void addAuthBlockExtendedSamlAttributes() {
-// extendedSamlAttributes.clear();
-// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTYPE, parepConfiguration.getRepresentationText(representationID), SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-// Element mandator = request.getMandator();
-// // Name
-// String name = ParepUtils.extractMandatorName(mandator);
-// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_NAME, name, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-// // Geburtsdatum
-// String dob = ParepUtils.extractMandatorDateOfBirth(mandator);
-// if (dob != null && !"".equals(dob)) {
-// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_DOB, dob, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-// }
-// // (w)bpk
-// String wbpk = ParepUtils.extractMandatorWbpk(mandator);
-// if (!ParepUtils.isEmpty(wbpk)) {
-// if (!ParepUtils.isPhysicalPerson(mandator)){
-// String idType = ParepUtils.extractMandatorIdentificationType(mandator);
-// if (!ParepUtils.isEmpty(idType) && idType.startsWith(Constants.URN_PREFIX_BASEID + "+X")) {
-// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_CB_BASE_ID, ParepUtils.getRegisterString(idType) + ": " + wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-// }
-// } else if (this.params.getBusinessApplication()) {
-// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_WBPK, wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-// }
-// }
-// }
-//
-//// public static void main(String[] args) throws Exception {
-//// }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/PartyRepresentative.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/PartyRepresentative.java deleted file mode 100644 index fc845f579..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/PartyRepresentative.java +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -/**
- *
- */
-package at.gv.egovernment.moa.id.auth.validator.parep;
-
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-
-/**
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- *
- */
-public class PartyRepresentative {
-
- /** Object Identifier **/
- private String oid;
-
- private boolean representPhysicalParty;
-
- private boolean representCorporateParty;
-
- /**
- * Text for representation description in SAML Assertion (Auth-Block)
- * */
- private String representationText;
-
- /**
- * SZR-GW connection parameters.
- */
- private ConnectionParameter connectionParameters = null;
-
- private String inputProcessorClass = null;
- private String inputProcessorTemplate = null;
-
- /**
- * Constructor
- */
-public PartyRepresentative() {
- this.oid = null;
- this.representPhysicalParty = false;
- this.representCorporateParty = false;
- this.connectionParameters = null;
- this.representationText = null;
-}
-
-/**
- * Constructor
- */
- public PartyRepresentative(boolean representPhysicalParty, boolean representCorporateParty) {
- this.oid = null;
- this.representPhysicalParty = representPhysicalParty;
- this.representCorporateParty = representCorporateParty;
- this.connectionParameters = null;
- this.representationText = null;
- this.inputProcessorClass = null;
- this.inputProcessorTemplate = null;
- }
-
- /**
- * @return the oid
- */
- public String getOid() {
- return oid;
- }
-
- /**
- * @param oid the oid to set
- */
- public void setOid(String oid) {
- this.oid = oid;
- }
-
- /**
- * @return the representPhysicalParty
- */
- public boolean isRepresentingPhysicalParty() {
- return representPhysicalParty;
- }
-
- /**
- * @param representPhysicalParty the representPhysicalParty to set
- */
- public void setRepresentingPhysicalParty(boolean representPhysicalParty) {
- this.representPhysicalParty = representPhysicalParty;
- }
-
- /**
- * @return the representCorporateParty
- */
- public boolean isRepresentingCorporateParty() {
- return representCorporateParty;
- }
-
- /**
- * @param representCorporateParty the representCorporateParty to set
- */
- public void setRepresentingCorporateParty(boolean representCorporateParty) {
- this.representCorporateParty = representCorporateParty;
- }
-
- /**
- * @return the connectionParameters
- */
- public ConnectionParameter getConnectionParameters() {
- return connectionParameters;
- }
-
- /**
- * @param connectionParameters the connectionParameters to set
- */
- public void setConnectionParameters(ConnectionParameter connectionParameters) {
- this.connectionParameters = connectionParameters;
- }
-
-
- /**
- * @return the representationText
- */
- public String getRepresentationText() {
- return representationText;
- }
-
-
- /**
- * @param representationText the representationText to set
- */
- public void setRepresentationText(String representationText) {
- this.representationText = representationText;
- }
-
- /**
- * @return the inputProcessorClass
- */
- public String getInputProcessorClass() {
- return inputProcessorClass;
- }
-
- /**
- * @param inputProcessorClass the inputProcessorClass to set
- */
- public void setInputProcessorClass(String inputProcessorClass) {
- this.inputProcessorClass = inputProcessorClass;
- }
-
- /**
- * @return the inputProcessorTemplate
- */
- public String getInputProcessorTemplate() {
- return inputProcessorTemplate;
- }
-
- /**
- * @param inputProcessorTemplate the inputProcessorTemplate to set
- */
- public void setInputProcessorTemplate(String inputProcessorTemplate) {
- this.inputProcessorTemplate = inputProcessorTemplate;
- }
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateIdentityLinkResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateIdentityLinkResponse.java index eae5dba05..fca0b2dce 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateIdentityLinkResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateIdentityLinkResponse.java @@ -1,31 +1,53 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-import org.w3c.dom.Element; +import org.w3c.dom.Element;
/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateRequest.java deleted file mode 100644 index 53f786eb3..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateRequest.java +++ /dev/null @@ -1,281 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-
-import java.util.ArrayList; -import java.util.List; - -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; - -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.util.Constants; -
-/**
- * This class implements a detailed CreateMandateRequest that
- * will be sent to SZR-gateway.
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- */
-public class CreateMandateRequest {
-
- /**
- * The Request.
- */
- private Document document;
-
- /**
- * List of mandate representatives as XML element.
- */
- private List representatives;
-
- /**
- * The mandator.
- */
- private Element mandator;
-
- /**
- * The representative.
- */
- private Element representative;
-
- /**
- * The signature to verify by the SZR-gateway
- */
- private Element signature;
-
-
-
- /**
- * Creates the CreateMandateRequest element that will
- * be sent to SZR-gateway
- *
- * @return the CreateMandateRequest element.
- */
- public Element toElement() throws SZRGWClientException{
-
- this.document = ParepUtils.createEmptyDocument();
- Element root = this.document.createElement(SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.CREATE_MANDATE_REQUEST);
- root.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS);
- root.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
- if (this.representative!=null) root.appendChild(this.document.importNode(this.representative, true));
- if (this.mandator!=null) root.appendChild(this.document.importNode(this.mandator, true));
- if (this.signature!=null) root.appendChild(this.document.importNode(this.signature, true));
-
- return root;
- }
-
- /**
- * Adds a representative.
- *
- * @param representative an XML representative to add.
- */
- public void addRepresentative(Element representative) {
- if (representatives == null) {
- representatives = new ArrayList();
- }
- representatives.add(representative);
- }
-
- /**
- * Gets the representative.
- *
- * @return the representative.
- */
- public Element getRepresentative() {
- return representative;
- }
-
- /**
- * Gets the mandator.
- *
- * @return the mandator.
- */
- public Element getMandator() {
- return mandator;
- }
-
- /**
- * Sets the mandator.
- *
- * @param mandator the mandator.
- */
- public void setMandator(Element mandator) {
- this.mandator = mandator;
- }
-
- /**
- * Sets the Mandator.
- *
- * @param familyName the family name of the mandator.
- */
- public void setMandator(String familyName, String givenName, String dateOfBirth,
- String postalCode, String municipality, String streetName, String buildingNumber, String unit,
- boolean physical, String cbFullName, String cbIdentificationType, String cbIdentificationValue) throws SZRGWClientException {
-
- Document mandatorDocument = ParepUtils.createEmptyDocument();
-
- Element mandatorElem = mandatorDocument.createElementNS(SZRGWConstants.SZRGW_REQUEST_NS, SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.MANDATOR);
-// mandatorElem.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-/// mandatorElem.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS);
-
- if (physical) {
- Element physicalPersonElem = mandatorDocument.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.PHYSICALPERSON);
- physicalPersonElem.appendChild(createNameElem(mandatorDocument, givenName, familyName));
- physicalPersonElem.appendChild(createPersonDataElem(mandatorDocument, SZRGWConstants.DATEOFBIRTH, dateOfBirth));
- mandatorElem.appendChild(physicalPersonElem);
- Element postalAddressElement = createPostalAddressElem(mandatorDocument, postalCode, municipality, streetName, buildingNumber, unit);
- if (null!=postalAddressElement) mandatorElem.appendChild(postalAddressElement);
- } else {
- Element corporateBodyElem = mandatorDocument.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.CORPORATEBODY);
- corporateBodyElem.appendChild(createIdentificationElem(mandatorDocument, cbIdentificationType, cbIdentificationValue));
- corporateBodyElem.appendChild(createPersonDataElem(mandatorDocument, SZRGWConstants.FULLNAME, cbFullName));
- mandatorElem.appendChild(corporateBodyElem);
- }
-
-
- this.mandator = mandatorElem;
- }
-
- private Element createPersonDataElem(Document document, String elementName, String elementValue) {
- Element elem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + elementName);
- Node value = document.createTextNode(elementValue);
- elem.appendChild(value);
- return elem;
- }
-
- private Element createIdentificationElem(Document document, String identificationType, String identificationValue) {
- Element identificationElem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.IDENTIFICATION);
- identificationElem.appendChild(createPersonDataElem(document, SZRGWConstants.VALUE, identificationValue));
- identificationElem.appendChild(createPersonDataElem(document, SZRGWConstants.TYPE, identificationType));
- return identificationElem;
- }
- private Element createNameElem(Document document, String givenName, String familyName) {
- Element nameElem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.NAME);
- nameElem.appendChild(createPersonDataElem(document, SZRGWConstants.GIVENNAME, givenName));
- nameElem.appendChild(createPersonDataElem(document, SZRGWConstants.FAMILYNAME, familyName));
- return nameElem;
- }
- private Element createPostalAddressElem(Document document, String postalCode, String municipality, String streetName, String buildingNumber, String unit) {
-
- if (ParepUtils.isEmpty(postalCode) && ParepUtils.isEmpty(municipality) && ParepUtils.isEmpty(streetName)
- && ParepUtils.isEmpty(buildingNumber) && ParepUtils.isEmpty(unit)) return null;
- Element postalAddressElem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.POSTALADDRESS);
-
- if (!ParepUtils.isEmpty(postalCode)) {
- postalAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.POSTALCODE, postalCode));
- }
- if (!ParepUtils.isEmpty(municipality)) {
- postalAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.MUNICIPALITY, municipality));
- }
- if (!ParepUtils.isEmpty(streetName) || !ParepUtils.isEmpty(buildingNumber) || !ParepUtils.isEmpty(unit)) {
- Element deliveryAddressElem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.DELIVERYADDRESS);
-
- if (!ParepUtils.isEmpty(streetName)) {
- deliveryAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.STREETNAME, streetName));
- }
- if (!ParepUtils.isEmpty(buildingNumber)) {
- deliveryAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.BUILDINGNUMBER, buildingNumber));
- }
- if (!ParepUtils.isEmpty(unit)) {
- deliveryAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.UNIT, unit));
- }
- postalAddressElem.appendChild(deliveryAddressElem);
- }
- return postalAddressElem;
- }
-
-
-
- /**
- * Sets the Representative.
- *
- * @param params InfoboxValidatorParams contain the data of the representative.
- * @param identificationType the type of the identification of the representative (has to be urn:publicid:gv.at:cdid).
- * @param identificationValue the identification value (bPK).
- */
- public void setRepresentative(InfoboxValidatorParams params, String identificationType, String identificationValue) throws SZRGWClientException {
-
- Document representativeDocument = ParepUtils.createEmptyDocument();
-
- Element representativeElem = representativeDocument.createElementNS(SZRGWConstants.SZRGW_REQUEST_NS, SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.REPRESENTATIVE);
-// representativeElem.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-// representativeElem.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS);
-
- //Old Version 0.0.1 of SZR-Gateway
-// representativeElem.appendChild(createIdentificationElem(representativeDocument, identificationType, identificationValue));
-// representativeElem.appendChild(createNameElem(representativeDocument, params.getGivenName(), params.getFamilyName()));
-// representativeElem.appendChild(createPersonDataElem(representativeDocument, SZRGWConstants.DATEOFBIRTH, params.getDateOfBirth()));
-
- //New since version 0.0.2 of SZR-Gateway:
- // we need to send an identity link and must replace its identification value
- representativeElem.appendChild(representativeElem.getOwnerDocument().importNode(params.getIdentityLink(), true));
- try {
- Element nameSpaceNode = representativeElem.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.SAML_POSTFIX, Constants.SAML_NS_URI);
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS);
- Node identificationValueNode = XPathAPI.selectSingleNode(representativeElem, "descendant-or-self::" + SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.REPRESENTATIVE + "/" +SZRGWConstants.SAML_PREFIX + "Assertion/saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person/pr:Identification/pr:Value/text()", nameSpaceNode);
- if (identificationValueNode != null) {
- identificationValueNode.setNodeValue(identificationValue);
- } else {
- throw new SZRGWClientException("validator.63", null);
- }
- Node identificationTypeNode = XPathAPI.selectSingleNode(representativeElem, "descendant-or-self::" + SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.REPRESENTATIVE + "/" +SZRGWConstants.SAML_PREFIX + "Assertion/saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person/pr:Identification/pr:Type/text()", nameSpaceNode);
- if (identificationTypeNode != null) {
- identificationTypeNode.setNodeValue(identificationType);
- } else {
- throw new SZRGWClientException("validator.63", null);
- }
- } catch (Exception e) {
- throw new SZRGWClientException("validator.63", null);
- }
- this.representative = representativeElem;
- }
-
- /**
- * @return the signature
- */
- public Element getSignature() {
- return signature;
- }
-
- /**
- * @param signature the signature to set
- */
- public void setSignature(Element signature) throws SZRGWClientException{
- Document signatureDocument = ParepUtils.createEmptyDocument();
- Element signatureElem = signatureDocument.createElementNS(SZRGWConstants.SZRGW_REQUEST_NS, SZRGWConstants.SZRGW_PREFIX + "Signature");
- //SZR-gateway takes the first Signature
- //signatureElem.setAttribute("SignatureLocation", "//saml:Assertion/dsig:Signature");
- signatureElem.appendChild(signatureDocument.importNode(signature, true));
- this.signature = signatureElem;
- }
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateResponse.java index 40867536c..e6b7dee34 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateResponse.java @@ -1,27 +1,49 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SOAPConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SOAPConstants.java index 2efde3188..0313814b1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SOAPConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SOAPConstants.java @@ -1,27 +1,49 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java index e3457f4de..5522129c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java @@ -1,395 +1,417 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; - -import javax.net.ssl.SSLSocketFactory; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.httpclient.HttpClient; -import org.apache.commons.httpclient.methods.PostMethod; -import org.apache.commons.httpclient.protocol.Protocol; -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; -import org.w3c.dom.Text; - -import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; - - - -/** - * This class implements a client for communication with the SZR-gateway - * <p> - * Two types of requests are supported - * <ol> - * <li>Basic Request</li> - * <li>Detailed Request</li> - * </ol> - * - * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a> - */ -public class SZRGWClient { - /** - * The URL of the SZR-gateway webservice. - */ - private String address; - - /** - * The SSL socket factory when using a secure connection. - */ - private SSLSocketFactory sSLSocketFactory; - - /** - * Constructor - */ - public SZRGWClient() { - } - - /** - * Constructor - * - * @param address the URL of the SZR-gateway webservice. - */ - public SZRGWClient(String address) { - this.address = address; - } - /** - * Sets the SSL socket factory. - * - * @param factory the SSL socket factory. - */ - public void setSSLSocketFactory(SSLSocketFactory factory) { - this.sSLSocketFactory = factory; - } - - /** - * Sets the SZR webservice URL - * - * @param address the URL of the SZR-gateway webservice. - */ - public void setAddress(String address) { - this.address = address; - } - - /** - * Creates a mandate. - * - * @param reqElem the request. - * @return a SZR-gateway response containing the result - * @throws SZRGWException when an error occurs creating the mandate. - */ - public CreateMandateResponse createMandateResponse(Element reqElem) throws SZRGWClientException { - //Logger.info("Connecting to SZR-gateway."); - try { - if (address == null) { - throw new NullPointerException("Address (SZR-gateway ServiceURL) must not be null."); - } - HttpClient client = new HttpClient(); - PostMethod method = new PostMethod(address); - method.setRequestHeader("SOAPAction", ""); - - - // ssl settings - if (sSLSocketFactory != null) { - SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory); - Protocol.registerProtocol("https", new Protocol("https", fac, 443)); - } - - // create soap body - Element soapBody = getSOAPBody(); - Document doc = soapBody.getOwnerDocument(); - soapBody.appendChild(doc.importNode(reqElem, true)); - Element requestElement = soapBody.getOwnerDocument().getDocumentElement(); - - //ParepUtils.saveElementToFile(requestElement, new File("c:/temp/szrRequest.xml")); - ByteArrayOutputStream bos = new ByteArrayOutputStream(); - ParepUtils.serializeElementAsDocument(requestElement, bos); - - method.setRequestBody(new ByteArrayInputStream(bos.toByteArray())); - client.executeMethod(method); - CreateMandateResponse response = new CreateMandateResponse(); - - bos = new ByteArrayOutputStream(); - doc = ParepUtils.readDocFromIs(method.getResponseBodyAsStream()); - - //ParepUtils.saveElementToFile(doc.getDocumentElement(), new File("c:/temp/szrResponse.xml")); - response.parse(doc.getDocumentElement()); - - - return response; - } catch(Exception e) { - //e.printStackTrace(); - throw new SZRGWClientException(e); - } - } - - /** - * Gets a identity link. - * - * @param reqElem the request. - * @return a SZR-gateway response containing the result - * @throws SZRGWException when an error occurs creating the mandate. - */ - public CreateIdentityLinkResponse createIdentityLinkResponse(Element reqElem) throws SZRGWClientException { - - try { - if (address == null) { - throw new NullPointerException("Address (SZR-gateway ServiceURL) must not be null."); - } - HttpClient client = new HttpClient(); - PostMethod method = new PostMethod(address); - method.setRequestHeader("SOAPAction", ""); - - - // ssl settings - if (sSLSocketFactory != null) { - SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory); - Protocol.registerProtocol("https", new Protocol("https", fac, 443)); - } - - // create soap body - Element soapBody = getSOAPBody(); - Document doc = soapBody.getOwnerDocument(); - soapBody.appendChild(doc.importNode(reqElem, true)); - Element requestElement = soapBody.getOwnerDocument().getDocumentElement(); - - //ParepUtils.saveElementToFile(requestElement, new File("c:/temp/szrRequest.xml")); - ByteArrayOutputStream bos = new ByteArrayOutputStream(); - ParepUtils.serializeElementAsDocument(requestElement, bos); - - method.setRequestBody(new ByteArrayInputStream(bos.toByteArray())); - client.executeMethod(method); - CreateIdentityLinkResponse response = new CreateIdentityLinkResponse(); - - bos = new ByteArrayOutputStream(); - doc = ParepUtils.readDocFromIs(method.getResponseBodyAsStream()); - //ParepUtils.saveElementToFile(doc.getDocumentElement(), new File("c:/temp/szrResponse.xml")); - - NodeList list = doc.getElementsByTagNameNS(SZRGWConstants.SZRGW_REQUEST_NS, "ErrorResponse"); - if (list.getLength() > 0) { - // set error response - list = doc.getElementsByTagNameNS(SZRGWConstants.SZRGW_REQUEST_NS, "Info"); - String error = DOMUtils.getText(list.item(0)); - - response.setError(error); - } - else { - // set assertion - DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); - Document newdoc = builder.newDocument(); - - Element nameSpaceNode = newdoc.createElement("NameSpaceNode"); - nameSpaceNode.setAttribute("xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); - nameSpaceNode.setAttribute("xmlns:" + Constants.SAML_PREFIX, Constants.SAML_NS_URI); - - Element samlAssertion = (Element)XPathAPI.selectSingleNode(doc, "//saml:Assertion[1]", nameSpaceNode); - - if (samlAssertion == null) - throw new SZRGWClientException("Could not found a saml:Assertion element in response."); - else - response.setAssertion(samlAssertion); - } - - return response; - - } catch(Exception e) { - throw new SZRGWClientException(e); - } - } - - - /* - * builds an XML soap envelope - */ - private Element getSOAPBody() throws SZRGWClientException { - Document doc_; - try { - doc_ = ParepUtils.createEmptyDocument(); - Element root = doc_.createElementNS(SOAPConstants.SOAP_ENV_NS, SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.ENVELOPE); - doc_.appendChild(root); - - root.setAttribute("xmlns" + SOAPConstants.SOAP_ENV_POSTFIX, SOAPConstants.SOAP_ENV_NS); - //root.setAttribute(SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.ENCODING_STYLE, SOAPConstants.SOAP_ENV_ENCODING_STYLE); - root.setAttribute("xmlns:xsd", "http://www.w3.org/2001/XMLSchema"); - root.setAttribute("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance"); - - Element body = doc_.createElementNS(SOAPConstants.SOAP_ENV_NS, SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.BODY); - root.appendChild(body); - - return body; - } catch (SZRGWClientException e) { - throw new SZRGWClientException(e); - } - - } - - public Document buildGetIdentityLinkRequest(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, Element signature) throws SZRGWClientException { - - String SZRGW_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#"; - try { - DocumentBuilderFactory factory =DocumentBuilderFactory.newInstance(); - factory.setNamespaceAware(true); - DocumentBuilder builder = factory.newDocumentBuilder(); - Document doc = builder.newDocument(); - - Element getIdentityLink = doc.createElementNS(SZRGW_NS, "szrgw:GetIdentityLinkRequest"); - getIdentityLink.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:szrgw", SZRGW_NS); - doc.appendChild(getIdentityLink); - - if ( (PEPSIdentifier != null) || (PEPSFirstname != null) || (PEPSFamilyname != null) || (PEPSDateOfBirth != null) ) { - - Element pepsDataElem = doc.createElementNS(SZRGW_NS, "szrgw:PEPSData"); - getIdentityLink.appendChild(pepsDataElem); - - if (PEPSIdentifier != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Identifier"); - pepsDataElem.appendChild(elem); - Text text= doc.createTextNode(PEPSIdentifier); - elem.appendChild(text); - } - if (PEPSFirstname != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Firstname"); - pepsDataElem.appendChild(elem); - Text text= doc.createTextNode(PEPSFirstname); - elem.appendChild(text); - } - - if (PEPSFamilyname != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Familyname"); - pepsDataElem.appendChild(elem); - Text text= doc.createTextNode(PEPSFamilyname); - elem.appendChild(text); - } - - if (PEPSDateOfBirth != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:DateOfBirth"); - pepsDataElem.appendChild(elem); - Text text= doc.createTextNode(PEPSDateOfBirth); - elem.appendChild(text); - } - } - - if (signature == null) - throw new SZRGWClientException("Signature element must not be null!"); - else { - Element sig = doc.createElementNS(SZRGW_NS, "szrgw:Signature"); - Element xmlcontent = doc.createElementNS(SZRGW_NS, "szrgw:XMLContent"); - sig.appendChild(xmlcontent); - Node n = doc.importNode(signature, true); - getIdentityLink.appendChild(sig); - xmlcontent.appendChild(n); - } - - - return doc; - } catch (ParserConfigurationException e) { - throw new SZRGWClientException(e); - } /*catch (CertificateEncodingException e) { - throw new SZRGWClientException(e); - }*/ - - - } - - public Document buildGetIdentityLinkRequest(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException { - - String SZRGW_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#"; - - try { - DocumentBuilderFactory factory =DocumentBuilderFactory.newInstance(); - factory.setNamespaceAware(true); - DocumentBuilder builder = factory.newDocumentBuilder(); - Document doc = builder.newDocument(); - - Element getIdentityLink = doc.createElementNS(SZRGW_NS, "szrgw:GetIdentityLinkRequest"); - getIdentityLink.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:szrgw", SZRGW_NS); - doc.appendChild(getIdentityLink); - - if ( (PEPSIdentifier != null) || (PEPSFirstname != null) || (PEPSFamilyname != null) || (PEPSDateOfBirth != null) ) { - - Element pepsDataElem = doc.createElementNS(SZRGW_NS, "szrgw:PEPSData"); - getIdentityLink.appendChild(pepsDataElem); - - if (PEPSIdentifier != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Identifier"); - pepsDataElem.appendChild(elem); - Text text= doc.createTextNode(PEPSIdentifier); - elem.appendChild(text); - } - if (PEPSFirstname != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Firstname"); - pepsDataElem.appendChild(elem); - Text text= doc.createTextNode(PEPSFirstname); - elem.appendChild(text); - } - - if (PEPSFamilyname != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Familyname"); - pepsDataElem.appendChild(elem); - Text text= doc.createTextNode(PEPSFamilyname); - elem.appendChild(text); - } - - if (PEPSDateOfBirth != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:DateOfBirth"); - pepsDataElem.appendChild(elem); - Text text= doc.createTextNode(PEPSDateOfBirth); - elem.appendChild(text); - } - } - - if (signature == null) - throw new SZRGWClientException("Signature element must not be null!"); - else { - Element sig = doc.createElementNS(SZRGW_NS, "szrgw:Signature"); - Element base64content = doc.createElementNS(SZRGW_NS, "szrgw:Base64Content"); - sig.appendChild(base64content); - getIdentityLink.appendChild(sig); - Text text= doc.createTextNode(signature); - base64content.appendChild(text); - } - - return doc; - } catch (ParserConfigurationException e) { - throw new SZRGWClientException(e); - } /*catch (CertificateEncodingException e) { - throw new SZRGWClientException(e); - }*/ - - - } - -} - +import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+
+import javax.net.ssl.SSLSocketFactory;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.httpclient.protocol.Protocol;
+import org.apache.xpath.XPathAPI;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.Text;
+
+import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+
+
+
+/**
+ * This class implements a client for communication with the SZR-gateway
+ * <p>
+ * Two types of requests are supported
+ * <ol>
+ * <li>Basic Request</li>
+ * <li>Detailed Request</li>
+ * </ol>
+ *
+ * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
+ */
+public class SZRGWClient {
+ /**
+ * The URL of the SZR-gateway webservice.
+ */
+ private String address;
+
+ /**
+ * The SSL socket factory when using a secure connection.
+ */
+ private SSLSocketFactory sSLSocketFactory;
+
+ /**
+ * Constructor
+ */
+ public SZRGWClient() {
+ }
+
+ /**
+ * Constructor
+ *
+ * @param address the URL of the SZR-gateway webservice.
+ */
+ public SZRGWClient(String address) {
+ this.address = address;
+ }
+ /**
+ * Sets the SSL socket factory.
+ *
+ * @param factory the SSL socket factory.
+ */
+ public void setSSLSocketFactory(SSLSocketFactory factory) {
+ this.sSLSocketFactory = factory;
+ }
+
+ /**
+ * Sets the SZR webservice URL
+ *
+ * @param address the URL of the SZR-gateway webservice.
+ */
+ public void setAddress(String address) {
+ this.address = address;
+ }
+
+ /**
+ * Creates a mandate.
+ *
+ * @param reqElem the request.
+ * @return a SZR-gateway response containing the result
+ * @throws SZRGWException when an error occurs creating the mandate.
+ */
+ public CreateMandateResponse createMandateResponse(Element reqElem) throws SZRGWClientException {
+ //Logger.info("Connecting to SZR-gateway.");
+ try {
+ if (address == null) {
+ throw new NullPointerException("Address (SZR-gateway ServiceURL) must not be null.");
+ }
+ HttpClient client = new HttpClient();
+ PostMethod method = new PostMethod(address);
+ method.setRequestHeader("SOAPAction", "");
+
+
+ // ssl settings
+ if (sSLSocketFactory != null) {
+ SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory);
+ Protocol.registerProtocol("https", new Protocol("https", fac, 443));
+ }
+
+ // create soap body
+ Element soapBody = getSOAPBody();
+ Document doc = soapBody.getOwnerDocument();
+ soapBody.appendChild(doc.importNode(reqElem, true));
+ Element requestElement = soapBody.getOwnerDocument().getDocumentElement();
+
+ //ParepUtils.saveElementToFile(requestElement, new File("c:/temp/szrRequest.xml"));
+ ByteArrayOutputStream bos = new ByteArrayOutputStream();
+ ParepUtils.serializeElementAsDocument(requestElement, bos);
+
+ method.setRequestBody(new ByteArrayInputStream(bos.toByteArray()));
+ client.executeMethod(method);
+ CreateMandateResponse response = new CreateMandateResponse();
+
+ bos = new ByteArrayOutputStream();
+ doc = ParepUtils.readDocFromIs(method.getResponseBodyAsStream());
+
+ //ParepUtils.saveElementToFile(doc.getDocumentElement(), new File("c:/temp/szrResponse.xml"));
+ response.parse(doc.getDocumentElement());
+
+
+ return response;
+ } catch(Exception e) {
+ //e.printStackTrace();
+ throw new SZRGWClientException(e);
+ }
+ }
+
+ /**
+ * Gets a identity link.
+ *
+ * @param reqElem the request.
+ * @return a SZR-gateway response containing the result
+ * @throws SZRGWException when an error occurs creating the mandate.
+ */
+ public CreateIdentityLinkResponse createIdentityLinkResponse(Element reqElem) throws SZRGWClientException {
+
+ try {
+ if (address == null) {
+ throw new NullPointerException("Address (SZR-gateway ServiceURL) must not be null.");
+ }
+ HttpClient client = new HttpClient();
+ PostMethod method = new PostMethod(address);
+ method.setRequestHeader("SOAPAction", "");
+
+
+ // ssl settings
+ if (sSLSocketFactory != null) {
+ SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory);
+ Protocol.registerProtocol("https", new Protocol("https", fac, 443));
+ }
+
+ // create soap body
+ Element soapBody = getSOAPBody();
+ Document doc = soapBody.getOwnerDocument();
+ soapBody.appendChild(doc.importNode(reqElem, true));
+ Element requestElement = soapBody.getOwnerDocument().getDocumentElement();
+
+ //ParepUtils.saveElementToFile(requestElement, new File("c:/temp/szrRequest.xml"));
+ ByteArrayOutputStream bos = new ByteArrayOutputStream();
+ ParepUtils.serializeElementAsDocument(requestElement, bos);
+
+ method.setRequestBody(new ByteArrayInputStream(bos.toByteArray()));
+ client.executeMethod(method);
+ CreateIdentityLinkResponse response = new CreateIdentityLinkResponse();
+
+ bos = new ByteArrayOutputStream();
+ doc = ParepUtils.readDocFromIs(method.getResponseBodyAsStream());
+ //ParepUtils.saveElementToFile(doc.getDocumentElement(), new File("c:/temp/szrResponse.xml"));
+
+ NodeList list = doc.getElementsByTagNameNS(SZRGWConstants.SZRGW_REQUEST_NS, "ErrorResponse");
+ if (list.getLength() > 0) {
+ // set error response
+ list = doc.getElementsByTagNameNS(SZRGWConstants.SZRGW_REQUEST_NS, "Info");
+ String error = DOMUtils.getText(list.item(0));
+
+ response.setError(error);
+ }
+ else {
+ // set assertion
+ DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ Document newdoc = builder.newDocument();
+
+ Element nameSpaceNode = newdoc.createElement("NameSpaceNode");
+ nameSpaceNode.setAttribute("xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
+ nameSpaceNode.setAttribute("xmlns:" + Constants.SAML_PREFIX, Constants.SAML_NS_URI);
+
+ Element samlAssertion = (Element)XPathAPI.selectSingleNode(doc, "//saml:Assertion[1]", nameSpaceNode);
+
+ if (samlAssertion == null)
+ throw new SZRGWClientException("Could not found a saml:Assertion element in response.");
+ else
+ response.setAssertion(samlAssertion);
+ }
+
+ return response;
+
+ } catch(Exception e) {
+ throw new SZRGWClientException(e);
+ }
+ }
+
+
+ /*
+ * builds an XML soap envelope
+ */
+ private Element getSOAPBody() throws SZRGWClientException {
+ Document doc_;
+ try {
+ doc_ = ParepUtils.createEmptyDocument();
+ Element root = doc_.createElementNS(SOAPConstants.SOAP_ENV_NS, SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.ENVELOPE);
+ doc_.appendChild(root);
+
+ root.setAttribute("xmlns" + SOAPConstants.SOAP_ENV_POSTFIX, SOAPConstants.SOAP_ENV_NS);
+ //root.setAttribute(SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.ENCODING_STYLE, SOAPConstants.SOAP_ENV_ENCODING_STYLE);
+ root.setAttribute("xmlns:xsd", "http://www.w3.org/2001/XMLSchema");
+ root.setAttribute("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance");
+
+ Element body = doc_.createElementNS(SOAPConstants.SOAP_ENV_NS, SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.BODY);
+ root.appendChild(body);
+
+ return body;
+ } catch (SZRGWClientException e) {
+ throw new SZRGWClientException(e);
+ }
+
+ }
+
+ public Document buildGetIdentityLinkRequest(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, Element signature) throws SZRGWClientException {
+
+ String SZRGW_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#";
+ try {
+ DocumentBuilderFactory factory =DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ DocumentBuilder builder = factory.newDocumentBuilder();
+ Document doc = builder.newDocument();
+
+ Element getIdentityLink = doc.createElementNS(SZRGW_NS, "szrgw:GetIdentityLinkRequest");
+ getIdentityLink.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:szrgw", SZRGW_NS);
+ doc.appendChild(getIdentityLink);
+
+ if ( (PEPSIdentifier != null) || (PEPSFirstname != null) || (PEPSFamilyname != null) || (PEPSDateOfBirth != null) ) {
+
+ Element pepsDataElem = doc.createElementNS(SZRGW_NS, "szrgw:PEPSData");
+ getIdentityLink.appendChild(pepsDataElem);
+
+ if (PEPSIdentifier != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Identifier");
+ pepsDataElem.appendChild(elem);
+ Text text= doc.createTextNode(PEPSIdentifier);
+ elem.appendChild(text);
+ }
+ if (PEPSFirstname != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Firstname");
+ pepsDataElem.appendChild(elem);
+ Text text= doc.createTextNode(PEPSFirstname);
+ elem.appendChild(text);
+ }
+
+ if (PEPSFamilyname != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Familyname");
+ pepsDataElem.appendChild(elem);
+ Text text= doc.createTextNode(PEPSFamilyname);
+ elem.appendChild(text);
+ }
+
+ if (PEPSDateOfBirth != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:DateOfBirth");
+ pepsDataElem.appendChild(elem);
+ Text text= doc.createTextNode(PEPSDateOfBirth);
+ elem.appendChild(text);
+ }
+ }
+
+ if (signature == null)
+ throw new SZRGWClientException("Signature element must not be null!");
+ else {
+ Element sig = doc.createElementNS(SZRGW_NS, "szrgw:Signature");
+ Element xmlcontent = doc.createElementNS(SZRGW_NS, "szrgw:XMLContent");
+ sig.appendChild(xmlcontent);
+ Node n = doc.importNode(signature, true);
+ getIdentityLink.appendChild(sig);
+ xmlcontent.appendChild(n);
+ }
+
+
+ return doc;
+ } catch (ParserConfigurationException e) {
+ throw new SZRGWClientException(e);
+ } /*catch (CertificateEncodingException e) {
+ throw new SZRGWClientException(e);
+ }*/
+
+
+ }
+
+ public Document buildGetIdentityLinkRequest(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException {
+
+ String SZRGW_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#";
+
+ try {
+ DocumentBuilderFactory factory =DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ DocumentBuilder builder = factory.newDocumentBuilder();
+ Document doc = builder.newDocument();
+
+ Element getIdentityLink = doc.createElementNS(SZRGW_NS, "szrgw:GetIdentityLinkRequest");
+ getIdentityLink.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:szrgw", SZRGW_NS);
+ doc.appendChild(getIdentityLink);
+
+ if ( (PEPSIdentifier != null) || (PEPSFirstname != null) || (PEPSFamilyname != null) || (PEPSDateOfBirth != null) ) {
+
+ Element pepsDataElem = doc.createElementNS(SZRGW_NS, "szrgw:PEPSData");
+ getIdentityLink.appendChild(pepsDataElem);
+
+ if (PEPSIdentifier != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Identifier");
+ pepsDataElem.appendChild(elem);
+ Text text= doc.createTextNode(PEPSIdentifier);
+ elem.appendChild(text);
+ }
+ if (PEPSFirstname != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Firstname");
+ pepsDataElem.appendChild(elem);
+ Text text= doc.createTextNode(PEPSFirstname);
+ elem.appendChild(text);
+ }
+
+ if (PEPSFamilyname != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Familyname");
+ pepsDataElem.appendChild(elem);
+ Text text= doc.createTextNode(PEPSFamilyname);
+ elem.appendChild(text);
+ }
+
+ if (PEPSDateOfBirth != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:DateOfBirth");
+ pepsDataElem.appendChild(elem);
+ Text text= doc.createTextNode(PEPSDateOfBirth);
+ elem.appendChild(text);
+ }
+ }
+
+ if (signature == null)
+ throw new SZRGWClientException("Signature element must not be null!");
+ else {
+ Element sig = doc.createElementNS(SZRGW_NS, "szrgw:Signature");
+ Element base64content = doc.createElementNS(SZRGW_NS, "szrgw:Base64Content");
+ sig.appendChild(base64content);
+ getIdentityLink.appendChild(sig);
+ Text text= doc.createTextNode(signature);
+ base64content.appendChild(text);
+ }
+
+ return doc;
+ } catch (ParserConfigurationException e) {
+ throw new SZRGWClientException(e);
+ } /*catch (CertificateEncodingException e) {
+ throw new SZRGWClientException(e);
+ }*/
+
+
+ }
+
+}
+
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClientException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClientException.java index 49198d79f..8e1f887f6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClientException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClientException.java @@ -1,66 +1,88 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-/** - * This class implements the basic exception type for the SZR-gateway client - * - * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a> - */ -public class SZRGWClientException extends Exception { - - /** - * - */ - private static final long serialVersionUID = 26538259471017714L; - -/* - * see super constructor. - */ - public SZRGWClientException() { - super(); - } - - /* - * see super constructor. - */ - public SZRGWClientException(String arg0) { - super(arg0); - } - - /* - * see super construction. - */ - public SZRGWClientException(Throwable arg0) { - super(arg0); - } - - /* - * see super constructor - */ - public SZRGWClientException(String arg0, Throwable arg1) { - super(arg0, arg1); - } -} +/**
+ * This class implements the basic exception type for the SZR-gateway client
+ *
+ * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
+ */
+public class SZRGWClientException extends Exception {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 26538259471017714L;
+
+/*
+ * see super constructor.
+ */
+ public SZRGWClientException() {
+ super();
+ }
+
+ /*
+ * see super constructor.
+ */
+ public SZRGWClientException(String arg0) {
+ super(arg0);
+ }
+
+ /*
+ * see super construction.
+ */
+ public SZRGWClientException(Throwable arg0) {
+ super(arg0);
+ }
+
+ /*
+ * see super constructor
+ */
+ public SZRGWClientException(String arg0, Throwable arg1) {
+ super(arg0, arg1);
+ }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWConstants.java index ab559aff9..b3c447009 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWConstants.java @@ -1,78 +1,100 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-/** - * This interface specifies all the constants needed for the communication with the SZR-gateway. - * - * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a> - */ -public interface SZRGWConstants { - - //PersonData - public static final String PD_PREFIX = "pr:"; - public static final String PD_POSTFIX = ":pr"; - public static final String PERSON = "Person"; - public static final String PHYSICALPERSON = "PhysicalPerson"; - public static final String CORPORATEBODY = "CorporateBody"; - public static final String IDENTIFICATION = "Identification"; - public static final String VALUE = "Value"; - public static final String TYPE = "Type"; - public static final String NAME = "Name"; - public static final String GIVENNAME = "GivenName"; - public static final String FAMILYNAME = "FamilyName"; - public static final String DATEOFBIRTH = "DateOfBirth"; - public static final String FULLNAME = "FullName"; - public static final String ORGANIZATION = "Organization"; - - public static final String POSTALADDRESS = "PostalAddress"; - public static final String DELIVERYADDRESS = "DeliveryAddress"; - public static final String MUNICIPALITY = "Municipality"; - public static final String POSTALCODE = "PostalCode"; - public static final String STREETNAME = "StreetName"; - public static final String BUILDINGNUMBER = "BuildingNumber"; - public static final String UNIT = "Unit"; - //String ADDRESS = "Address"; - //String COUNTRYCODE = "CountryCode"; - //String DOORNUMBER = "DoorNumber"; - - // SZR-gateway constants - public static final String SZRGW_REQUEST_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#"; - public static final String MANDATE_NS = "http://reference.e-government.gv.at/namespace/mandates/20040701#"; - public static final String SZRGW_PREFIX = "sgw:"; - public static final String SZRGW_POSTFIX = ":sgw"; - public static final String CREATE_MANDATE_REQUEST = "CreateMandateRequest"; - public static final String CREATE_MANDATE_RESPONSE = "CreateMandateResponse"; - public static final String ERROR_RESPONSE = "ErrorResponse"; - public static final String MANDATOR = "Mandator"; - public static final String REPRESENTATIVE = "Representative"; - public static final String MANDATE = "Mandate"; - public static final String MANDATE_PREFIX = "md:"; - public static final String MANDATE_POSTFIX = ":md"; - - public static final String SAML_PREFIX = "saml:"; - public static final String SAML_POSTFIX = ":saml"; - -} +/**
+ * This interface specifies all the constants needed for the communication with the SZR-gateway.
+ *
+ * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
+ */
+public interface SZRGWConstants {
+
+ //PersonData
+ public static final String PD_PREFIX = "pr:";
+ public static final String PD_POSTFIX = ":pr";
+ public static final String PERSON = "Person";
+ public static final String PHYSICALPERSON = "PhysicalPerson";
+ public static final String CORPORATEBODY = "CorporateBody";
+ public static final String IDENTIFICATION = "Identification";
+ public static final String VALUE = "Value";
+ public static final String TYPE = "Type";
+ public static final String NAME = "Name";
+ public static final String GIVENNAME = "GivenName";
+ public static final String FAMILYNAME = "FamilyName";
+ public static final String DATEOFBIRTH = "DateOfBirth";
+ public static final String FULLNAME = "FullName";
+ public static final String ORGANIZATION = "Organization";
+
+ public static final String POSTALADDRESS = "PostalAddress";
+ public static final String DELIVERYADDRESS = "DeliveryAddress";
+ public static final String MUNICIPALITY = "Municipality";
+ public static final String POSTALCODE = "PostalCode";
+ public static final String STREETNAME = "StreetName";
+ public static final String BUILDINGNUMBER = "BuildingNumber";
+ public static final String UNIT = "Unit";
+ //String ADDRESS = "Address";
+ //String COUNTRYCODE = "CountryCode";
+ //String DOORNUMBER = "DoorNumber";
+
+ // SZR-gateway constants
+ public static final String SZRGW_REQUEST_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#";
+ public static final String MANDATE_NS = "http://reference.e-government.gv.at/namespace/mandates/20040701#";
+ public static final String SZRGW_PREFIX = "sgw:";
+ public static final String SZRGW_POSTFIX = ":sgw";
+ public static final String CREATE_MANDATE_REQUEST = "CreateMandateRequest";
+ public static final String CREATE_MANDATE_RESPONSE = "CreateMandateResponse";
+ public static final String ERROR_RESPONSE = "ErrorResponse";
+ public static final String MANDATOR = "Mandator";
+ public static final String REPRESENTATIVE = "Representative";
+ public static final String MANDATE = "Mandate";
+ public static final String MANDATE_PREFIX = "md:";
+ public static final String MANDATE_POSTFIX = ":md";
+
+ public static final String SAML_PREFIX = "saml:";
+ public static final String SAML_POSTFIX = ":saml";
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java index 306384b53..fd16c1586 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java @@ -1,148 +1,170 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
- -import java.io.IOException; -import java.net.InetAddress; -import java.net.Socket; -import java.net.UnknownHostException; - -import javax.net.ssl.SSLSocketFactory; - -import org.apache.commons.httpclient.params.HttpConnectionParams; -import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; -/** - * This class implements a secure protocol socket factory - * for the Apache HTTP client. - * - * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a> - */ -public class SZRGWSecureSocketFactory implements SecureProtocolSocketFactory { - - /** - * The SSL socket factory. - */ - private SSLSocketFactory factory; - - /** - * Creates a new Secure socket factory for the - * Apache HTTP client. - * - * @param factory the SSL socket factory to use. - */ - public SZRGWSecureSocketFactory(SSLSocketFactory factory) { - this.factory = factory; - } - - - /** - * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int) - */ - public Socket createSocket( - String host, - int port, - InetAddress clientHost, - int clientPort) - throws IOException, UnknownHostException { - - return this.factory.createSocket( - host, - port, - clientHost, - clientPort - ); - } - - /** - * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) - */ - public Socket createSocket(String host, int port) - throws IOException, UnknownHostException { - return this.factory.createSocket( - host, - port - ); - } - - /** - * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean) - */ - public Socket createSocket( - Socket socket, - String host, - int port, - boolean autoClose) - throws IOException, UnknownHostException { - return this.factory.createSocket( - socket, - host, - port, - autoClose - ); - } - - /** - * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int,org.apache.commons.httpclient.params.HttpConnectionParams) - */ - public Socket createSocket( - String host, - int port, - InetAddress clientHost, - int clientPort, - HttpConnectionParams params) - throws IOException, UnknownHostException, org.apache.commons.httpclient.ConnectTimeoutException { - - Socket socket = createSocket(host, port, clientHost, clientPort); - if (socket != null) { - // socket.setKeepAlive(false); - if (params.getReceiveBufferSize() >= 0) - socket.setReceiveBufferSize(params.getReceiveBufferSize()); - if (params.getSendBufferSize() >= 0) - socket.setSendBufferSize(params.getSendBufferSize()); - socket.setReuseAddress(true); - if (params.getSoTimeout() >= 0) - socket.setSoTimeout(params.getSoTimeout()); - } - return socket; - - } - - /** - * @see java.lang.Object#equals(java.lang.Object) - */ - public boolean equals(Object obj) { - return ((obj != null) && obj.getClass().equals(SZRGWSecureSocketFactory.class)); - } - - /** - * @see java.lang.Object#hashCode() - */ - public int hashCode() { - return SZRGWSecureSocketFactory.class.hashCode(); - } - -} - +import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+
+import javax.net.ssl.SSLSocketFactory;
+
+import org.apache.commons.httpclient.params.HttpConnectionParams;
+import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
+
+/**
+ * This class implements a secure protocol socket factory
+ * for the Apache HTTP client.
+ *
+ * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
+ */
+public class SZRGWSecureSocketFactory implements SecureProtocolSocketFactory {
+
+ /**
+ * The SSL socket factory.
+ */
+ private SSLSocketFactory factory;
+
+ /**
+ * Creates a new Secure socket factory for the
+ * Apache HTTP client.
+ *
+ * @param factory the SSL socket factory to use.
+ */
+ public SZRGWSecureSocketFactory(SSLSocketFactory factory) {
+ this.factory = factory;
+ }
+
+
+ /**
+ * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int)
+ */
+ public Socket createSocket(
+ String host,
+ int port,
+ InetAddress clientHost,
+ int clientPort)
+ throws IOException, UnknownHostException {
+
+ return this.factory.createSocket(
+ host,
+ port,
+ clientHost,
+ clientPort
+ );
+ }
+
+ /**
+ * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
+ */
+ public Socket createSocket(String host, int port)
+ throws IOException, UnknownHostException {
+ return this.factory.createSocket(
+ host,
+ port
+ );
+ }
+
+ /**
+ * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
+ */
+ public Socket createSocket(
+ Socket socket,
+ String host,
+ int port,
+ boolean autoClose)
+ throws IOException, UnknownHostException {
+ return this.factory.createSocket(
+ socket,
+ host,
+ port,
+ autoClose
+ );
+ }
+
+ /**
+ * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int,org.apache.commons.httpclient.params.HttpConnectionParams)
+ */
+ public Socket createSocket(
+ String host,
+ int port,
+ InetAddress clientHost,
+ int clientPort,
+ HttpConnectionParams params)
+ throws IOException, UnknownHostException, org.apache.commons.httpclient.ConnectTimeoutException {
+
+ Socket socket = createSocket(host, port, clientHost, clientPort);
+ if (socket != null) {
+ // socket.setKeepAlive(false);
+ if (params.getReceiveBufferSize() >= 0)
+ socket.setReceiveBufferSize(params.getReceiveBufferSize());
+ if (params.getSendBufferSize() >= 0)
+ socket.setSendBufferSize(params.getSendBufferSize());
+ socket.setReuseAddress(true);
+ if (params.getSoTimeout() >= 0)
+ socket.setSoTimeout(params.getSoTimeout());
+ }
+ return socket;
+
+ }
+
+ /**
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ public boolean equals(Object obj) {
+ return ((obj != null) && obj.getClass().equals(SZRGWSecureSocketFactory.class));
+ }
+
+ /**
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ return SZRGWSecureSocketFactory.class.hashCode();
+ }
+
+}
+
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/config/ParepConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/config/ParepConfiguration.java deleted file mode 100644 index ee5a57914..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/config/ParepConfiguration.java +++ /dev/null @@ -1,436 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.validator.parep.config;
-
-import java.io.File; -import java.io.FileInputStream; -import java.util.HashMap; - -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator; -import at.gv.egovernment.moa.id.auth.validator.parep.PartyRepresentative; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Constants; -
-/**
- * This class implements the Configuration.
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- */
-public class ParepConfiguration {
- - - //TODO: check correctness!!!!
- /**
-// * System property for config file.
-// */
-// public final static String PAREP_VALIDATOR_CONFIG = "parep.validator.config";
-//
-// /**
-// * SZR-GW connection parameters.
-// */
-// private ConnectionParameter standardConnectionParameters;
-//
-// /**
-// * Input field processor.
-// */
-// private String standardInputProcessorClass;
-//
-// /**
-// * Input field processor template.
-// */
-// private String standardInputProcessorTemplate;
-//
-// /**
-// * Configured party representatives.
-// */
-// private HashMap partyRepresentatives;
-//
-// /**
-// * The configuration element.
-// */
-// private Element configElement = null;
-//
-// /**
-// * Defines whether the user input form must be shown on each
-// * request or not (also predefined mandates)
-// */
-// private boolean alwaysShowForm = false;
-//
-// /**
-// * The configuration base directory.
-// */
-// private String baseDir_;
-//
-// /**
-// * Gets the SZR-GW connection parameters.
-// *
-// * @return the connection parameters.
-// */
-// public ConnectionParameter getConnectionParameters(String representationID) {
-// if (partyRepresentatives == null || "*".equals(representationID))
-// return standardConnectionParameters;
-// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID);
-// ConnectionParameter connectionParameters = pr.getConnectionParameters();
-// if (connectionParameters==null) connectionParameters = standardConnectionParameters;
-// return connectionParameters;
-// }
-//
-// /**
-// * Sets the SZR-GW connection parameters for standard connection.
-// *
-// * @param connectionParameters
-// * the connection parameters.
-// */
-// public void setStandardConnectionParameters(ConnectionParameter connectionParameters) {
-// this.standardConnectionParameters = connectionParameters;
-// }
-//
-// /*
-// *
-// */
-// public String getFullDirectoryName(String fileString) {
-// return makeAbsoluteURL(fileString, baseDir_);
-// }
-//
-// /*
-// *
-// */
-// private static String makeAbsoluteURL(String url, String root) {
-// // if url is relative to rootConfigFileDirName make it absolute
-//
-// File keyFile;
-// String newURL = url;
-//
-// if (null == url)
-// return null;
-//
-// if (url.startsWith("http:/") || url.startsWith("https:/") || url.startsWith("ftp:/") || url.startsWith("file:/") || url.startsWith("file:\\")) {
-// return url;
-// } else {
-// // check if absolute - if not make it absolute
-// keyFile = new File(url);
-// if (!keyFile.isAbsolute()) {
-// keyFile = new File(root, url);
-// newURL = keyFile.getPath();
-// }
-// return newURL;
-// }
-// }
-//
-// /**
-// * Initializes the configuration with a given XML configuration element found
-// * in the MOA-ID configuration.
-// *
-// * @param configElem
-// * the configuration element.
-// * @throws ConfigurationException
-// * if an error occurs initializing the configuration.
-// */
-// public ParepConfiguration(Element configElem) throws ConfigurationException {
-//
-// partyRepresentatives = new HashMap();
-// partyRepresentatives.put("*", new PartyRepresentative(true, true));
-//
-// String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
-//
-// try {
-//
-// baseDir_ = (new File(fileName)).getParentFile().toURL().toString();
-// Logger.trace("Config base directory: " + baseDir_);
-// // check for configuration in system properties
-// if (System.getProperty(PAREP_VALIDATOR_CONFIG) != null) {
-// Document doc = ParepUtils.readDocFromIs(new FileInputStream(System.getProperty(PAREP_VALIDATOR_CONFIG)));
-// this.configElement = doc.getDocumentElement();
-// } else {
-// this.configElement = configElem;
-// }
-// } catch (Exception e) {
-// throw new ConfigurationException("Allgemeiner Fehler beim Einlesen der ParepValidatorConfiguration", null, e);
-// }
-// load();
-// }
-//
-// /*
-// *
-// */
-// private void load() throws ConfigurationException {
-// Logger.debug("Parse ParepValidator Konfiguration");
-// try {
-// Element nameSpaceNode = configElement.getOwnerDocument().createElement("NameSpaceNode");
-// nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI);
-// // nameSpaceNode.setAttribute("xmlns:sgw",
-// // SZRGWConstants.SZRGW_PROFILE_NS);
-//
-// Node inputProcessorNode = XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/"
-// + Constants.MOA_ID_CONFIG_PREFIX + ":InputProcessor", nameSpaceNode);
-// if (inputProcessorNode != null) {
-// this.standardInputProcessorTemplate = ((Element) inputProcessorNode).getAttribute("template");
-// Node inputProcessorClassNode = XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/"
-// + Constants.MOA_ID_CONFIG_PREFIX + ":InputProcessor/text()", nameSpaceNode);
-// if (inputProcessorClassNode != null) {
-// this.standardInputProcessorClass = inputProcessorClassNode.getNodeValue();
-// }
-// }
-// Node alwaysShowFormNode = XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/"
-// + Constants.MOA_ID_CONFIG_PREFIX + ":AlwaysShowForm/text()", nameSpaceNode);
-// if (alwaysShowFormNode != null) {
-// this.setAlwaysShowForm(alwaysShowFormNode.getNodeValue());
-// }
-//
-// // load connection parameters
-// Logger.debug("Lade SZR-Gateway Standard Verbindungsparameter");
-// Element connectionParamElement = (Element) XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/"
-// + Constants.MOA_ID_CONFIG_PREFIX + ":ConnectionParameter", nameSpaceNode);
-// if (connectionParamElement != null) {
-// // parse connection parameters
-// // ParepUtils.serializeElement(connectionParamElement, System.out);
-// this.standardConnectionParameters = buildConnectionParameter(connectionParamElement, nameSpaceNode);
-// }
-//
-// Logger.trace("Lade Konfiguration der Parteienvertreter");
-// NodeList partyRepresentativeNodeList = XPathAPI.selectNodeList(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/"
-// + Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentative", nameSpaceNode);
-// for (int i = 0; i < partyRepresentativeNodeList.getLength(); i++) {
-//
-// PartyRepresentative partyRepresentative = new PartyRepresentative();
-//
-// Element partyRepresentativeElement = (Element) partyRepresentativeNodeList.item(i);
-// boolean representPhysicalParty = partyRepresentativeElement.getAttribute("representPhysicalParty").equalsIgnoreCase("true") ? true : false;
-// boolean representCorporateParty = partyRepresentativeElement.getAttribute("representCorporateParty").equalsIgnoreCase("true") ? true : false;
-// partyRepresentative.setOid(partyRepresentativeElement.getAttribute("oid"));
-// partyRepresentative.setRepresentingPhysicalParty(representPhysicalParty);
-// partyRepresentative.setRepresentingCorporateParty(representCorporateParty);
-// partyRepresentative.setRepresentationText(partyRepresentativeElement.getAttribute("representationText"));
-//
-// Node inputProcessorSubNode = XPathAPI.selectSingleNode(partyRepresentativeElement, Constants.MOA_ID_CONFIG_PREFIX + ":InputProcessor", nameSpaceNode);
-// if (inputProcessorSubNode != null) {
-// partyRepresentative.setInputProcessorTemplate(((Element) inputProcessorSubNode).getAttribute("template"));
-// Node inputProcessorClassSubNode = XPathAPI.selectSingleNode(partyRepresentativeElement, Constants.MOA_ID_CONFIG_PREFIX
-// + ":InputProcessor/text()", nameSpaceNode);
-// if (inputProcessorClassSubNode != null) {
-// partyRepresentative.setInputProcessorClass(inputProcessorClassSubNode.getNodeValue());
-// }
-// }
-//
-// Element connectionParamSubElement = (Element) XPathAPI.selectSingleNode(partyRepresentativeElement, Constants.MOA_ID_CONFIG_PREFIX
-// + ":ConnectionParameter", nameSpaceNode);
-// if (connectionParamSubElement == null) {
-// if (this.standardConnectionParameters == null) {
-// throw new ConfigurationException("Fehler beim Parsen der ParepValidatorConfiguration: SZR-GW Verbindungsparameter zu Parteienvetreter "
-// + partyRepresentative.getOid() + " fehlen.", null, null);
-// }
-// } else {
-// // parse connection parameters
-// // ParepUtils.serializeElement(connectionParamSubElement, System.out);
-// partyRepresentative.setConnectionParameters(buildConnectionParameter(connectionParamSubElement, nameSpaceNode));
-// }
-// partyRepresentatives.put(partyRepresentative.getOid(), partyRepresentative);
-// Logger.debug("Parteienvertreter: " + partyRepresentative.getOid() + " erfolgreich konfiguriert (representPhysicalParty="
-// + partyRepresentative.isRepresentingPhysicalParty() + ", representCorporateParty=" + partyRepresentative.isRepresentingCorporateParty()
-// + ", representationText=" + partyRepresentative.getRepresentationText()
-// + ")");
-// }
-//
-// Logger.debug("ParepValidator Konfiguration erfolgreich geparst.");
-// } catch (Exception e) {
-// throw new ConfigurationException("Allgemeiner Fehler beim Parsen der MandateValidatorConfiguration", null, e);
-// }
-// }
-//
-// /*
-// *
-// */
-// private ConnectionParameter buildConnectionParameter(Element connParamElement, Element nameSpaceNode) throws ConfigurationException {
-// try {
-// ConnectionParameter connectionParameter = new ConnectionParameter();
-//
-// // parse connection url
-// String URL = connParamElement.getAttribute("URL");
-// connectionParameter.setUrl(URL);
-//
-// // accepted server certificates
-// Node accServerCertsNode = XPathAPI.selectSingleNode(connParamElement, Constants.MOA_ID_CONFIG_PREFIX + ":AcceptedServerCertificates/text()",
-// nameSpaceNode);
-// if (accServerCertsNode != null) {
-//
-// String serverCertsDir = getFullDirectoryName(accServerCertsNode.getNodeValue());
-// Logger.debug("Full directory name of accepted server certificates: " + serverCertsDir);
-// connectionParameter.setAcceptedServerCertificates(serverCertsDir);
-// }
-//
-// // client key store
-// Node clientKeyStoreNode = XPathAPI.selectSingleNode(connParamElement, Constants.MOA_ID_CONFIG_PREFIX + ":ClientKeyStore/text()", nameSpaceNode);
-// if (clientKeyStoreNode != null) {
-// String clientKeystore = getFullDirectoryName(clientKeyStoreNode.getNodeValue());
-// connectionParameter.setClientKeyStore(clientKeystore);
-// }
-//
-// // client key store password
-// Node clientKeyStorePasswordNode = XPathAPI.selectSingleNode(connParamElement, Constants.MOA_ID_CONFIG_PREFIX + ":ClientKeyStore/@password",
-// nameSpaceNode);
-// if (clientKeyStorePasswordNode != null) {
-// connectionParameter.setClientKeyStorePassword(clientKeyStorePasswordNode.getNodeValue());
-// }
-//
-// return connectionParameter;
-// } catch (Exception e) {
-// throw new ConfigurationException("Allgemeiner Fehler beim Parsen der ParepValidator ConnectionParameter.", null, e);
-// }
-// }
-//
-// public boolean isPartyRepresentative(String representationID) {
-// if (partyRepresentatives == null)
-// return false;
-// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID);
-// return pr != null;
-// }
-//
-// public boolean isRepresentingCorporateParty(String representationID) {
-// if (partyRepresentatives == null) return false;
-// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID);
-// if (pr == null) return false;
-// return pr.isRepresentingCorporateParty();
-// }
-//
-// public boolean isRepresentingPhysicalParty(String representationID) {
-// if (partyRepresentatives == null) return false;
-// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID);
-// if (pr == null) return false;
-// return pr.isRepresentingPhysicalParty();
-// }
-//
-// public String getRepresentationText(String representationID) {
-// String result = ParepValidator.STANDARD_REPRESENTATION_TEXT;
-// if (partyRepresentatives != null) {
-// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID);
-// if (pr != null) {
-// if (!ParepUtils.isEmpty(pr.getRepresentationText())) result = pr.getRepresentationText();
-// }
-// }
-// return result;
-// }
-//
-// /**
-// * @return the input processor classname corresponding to <code>representationID</code>
-// * @param representationID
-// * the representation ID.
-// */
-// public String getInputProcessorClass(String representationID) {
-// String inputProcessorClass = standardInputProcessorClass;
-// if (ParepUtils.isEmpty(inputProcessorClass)) inputProcessorClass = ParepValidator.PAREP_INPUT_PROCESSOR;
-// if (!(partyRepresentatives == null || "*".equals(representationID))) {
-// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID);
-// if (pr!=null) {
-// String prInputProcessorClass = pr.getInputProcessorClass();
-// if (!ParepUtils.isEmpty(prInputProcessorClass)) inputProcessorClass = prInputProcessorClass;
-// }
-// }
-// return inputProcessorClass;
-// }
-//
-// /**
-// * @param standardInputProcessorClass the standardInputProcessorClass to set
-// */
-// public void setStandardInputProcessorClass(String standardInputProcessorClass) {
-// this.standardInputProcessorClass = standardInputProcessorClass;
-// }
-//
-// /**
-// * @return the InputProcessorTemplate
-// */
-// public String getInputProcessorTemplate(String representationID) {
-// String inputProcessorTemplate = standardInputProcessorTemplate;
-// if (ParepUtils.isEmpty(inputProcessorTemplate)) inputProcessorTemplate = ParepValidator.PAREP_INPUT_TEMPLATE;
-// if (!(partyRepresentatives == null || "*".equals(representationID))) {
-// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID);
-// if (pr!=null) {
-// String prInputProcessorTemplate = pr.getInputProcessorTemplate();
-// if (!ParepUtils.isEmpty(prInputProcessorTemplate)) inputProcessorTemplate = prInputProcessorTemplate;
-// }
-// }
-// return inputProcessorTemplate;
-// }
-//
-// /**
-// * @param standardInputProcessorTemplate the standardInputProcessorTemplate to set
-// */
-// public void setStandardInputProcessorTemplate(String standardInputProcessorTemplate) {
-// this.standardInputProcessorTemplate = standardInputProcessorTemplate;
-// }
-//
-// /**
-// * @return the alwaysShowForm
-// */
-// public boolean isAlwaysShowForm() {
-// return alwaysShowForm;
-// }
-//
-// /**
-// * @param alwaysShowForm the alwaysShowForm to set
-// */
-// public void setAlwaysShowForm(String alwaysShowForm) {
-// if (ParepUtils.isEmpty(alwaysShowForm)) {
-// this.alwaysShowForm = false;
-// } else {
-// this.alwaysShowForm = alwaysShowForm.equalsIgnoreCase("true");
-// }
-// }
-//
-// public static boolean isMandateCompatibilityMode(Element configElement) throws ConfigurationException {
-// try {
-// if (configElement==null) return false;
-// Element nameSpaceNode = configElement.getOwnerDocument().createElement("NameSpaceNode");
-// nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI);
-// Node mandateCompatibilityNode = XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":CompatibilityMode/text()", nameSpaceNode);
-// if (mandateCompatibilityNode != null && !ParepUtils.isEmpty(mandateCompatibilityNode.getNodeValue())) {
-// return mandateCompatibilityNode.getNodeValue().equalsIgnoreCase("true");
-// }
-// return false;
-// } catch (Exception e) {
-// throw new ConfigurationException("Allgemeiner Fehler beim Parsen des CompatibilityMode Parameters.", null, e);
-// }
-//
-// }
-//
-//
-//// public static void main(String[] args) throws Exception {
-//// System.setProperty(PAREP_VALIDATOR_CONFIG, "c:/Doku/work/Organwalter/ConfigurationSnippetAppSpecific.xml");
-//// System.setProperty("moa.id.configuration", "c:/workspace33moa/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id/SampleMOAWIDConfiguration_withTestBKsProxy.xml");
-//// System.setProperty("log4j.configuration", "file:c:/workspace33moa/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id/log4j.properties");
-//// Configuration cfg = new Configuration(null);
-//// System.out.println(cfg.getInputProcessorClass("1.2.40.0.10.3.110"));
-////}
-
-}
|