diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java | 139 |
1 files changed, 110 insertions, 29 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index e62a4a8d5..94353fb6b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -18,6 +18,7 @@ import java.util.Map; import java.util.Properties; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.transaction.annotation.Transactional; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.MOAIDConstants; @@ -38,13 +39,13 @@ import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; import at.gv.egovernment.moa.id.config.ConnectionParameterMandate; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; +import iaik.pki.revocation.RevocationSourceTypes; /** * A class providing access to the Auth Part of the MOA-ID configuration data. @@ -196,6 +197,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String) */ @Override + @Transactional public Map<String, String> getConfigurationWithPrefix(String Prefix) { try { return configuration.getPropertySubset(Prefix); @@ -212,6 +214,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String) */ @Override + @Transactional public Map<String, String> getConfigurationWithWildCard(String key) { try { return configuration.searchPropertiesWithWildcard(key); @@ -238,19 +241,23 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertyWithKey(java.lang.String) */ @Override + @Transactional public String getConfigurationWithKey(String key) { try { - return configuration.getStringValue(key).trim(); - - } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { - return null; - } + String value = configuration.getStringValue(key); + if (value != null) + return value.trim(); + + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {} + + return null; } /** * Returns the general pvp2 properties config. NOTE: may be empty but never {@code null}. * @return the general pvp2 properties config. */ + @Transactional public Properties getGeneralPVP2ProperiesConfig() { return this.getGeneralProperiesConfig("protocols.pvp2."); } @@ -259,6 +266,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * Returns the general oauth20 properties config. NOTE: may be empty but never {@code null}. * @return the general oauth20 properties config. */ + @Transactional public Properties getGeneralOAuth20ProperiesConfig() { return this.getGeneralProperiesConfig("protocols.oauth20."); } @@ -268,6 +276,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @return the allowed protocols or {@code null}. */ + @Transactional public ProtocolAllowed getAllowedProtocols() { try { ProtocolAllowed allowedProtcols = new ProtocolAllowed(); @@ -293,6 +302,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getTransactionTimeOut() */ @Override + @Transactional public int getTransactionTimeOut() { try { return configuration.getIntegerValue( @@ -308,6 +318,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getSSOCreatedTimeOut() */ @Override + @Transactional public int getSSOCreatedTimeOut() { try { return configuration.getIntegerValue( @@ -323,6 +334,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getSSOUpdatedTimeOut() */ @Override + @Transactional public int getSSOUpdatedTimeOut() { try { return configuration.getIntegerValue( @@ -340,6 +352,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return an alternative source ID or {@code null}. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ + @Transactional public String getAlternativeSourceID() throws ConfigurationException { try { return configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID); @@ -355,6 +368,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @return the list of protocols. */ + @Transactional public List<String> getLegacyAllowedProtocols() { List<String> legacy = new ArrayList<String>(); @@ -386,6 +400,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @param oaURL URL requested for an online application * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable */ + @Transactional public OAAuthParameter getOnlineApplicationParameter(String oaURL) { Map<String, String> oa = getActiveOnlineApplication(oaURL); if (oa == null) { @@ -401,6 +416,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a string with a url-reference to the VerifyAuthBlock trust profile ID. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. */ + @Transactional public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException { if (useTestTrustStore) return getMoaSpAuthBlockTestTrustProfileID(); @@ -457,6 +473,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a list of strings containing all urls to the verify transform info IDs. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. */ + @Transactional public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException { try { return Arrays.asList(configuration.getStringValue( @@ -474,6 +491,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return ConnectionParameter of the authentication component moa-sp element. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. */ + @Transactional public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException { ConnectionParameter result = null; String moaspURL; @@ -500,24 +518,34 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the connection parameter. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. */ - public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException { - ConnectionParameter result = null; - String serviceURL; + @Transactional + public ConnectionParameter getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException { + String serviceURL = null; try { - serviceURL = configuration.getStringValue( - MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL); - if (serviceURL != null) { - result = - new ConnectionParameterForeign(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + //load OA specific MIS service URL if OA configuration exists + if (oaParameters != null) + serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL); + //get first entry from general configuration if no OA specific URL exists + if (MiscUtil.isEmpty(serviceURL)) { + List<String> serviceURLs = KeyValueUtils.getListOfCSVValues( + configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL)); + if (serviceURLs.size() > 0) + serviceURL = serviceURLs.get(0); + } + if (MiscUtil.isNotEmpty(serviceURL)) + return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + + else + throw new ConfigurationException("service.09", new Object[]{"NO SZR-GW Service URL"}); + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { - Logger.warn("Loading SZRGW Service URL from configuration FAILED.", e); + Logger.warn("Initialize SZR-GW service connection parameters FAILED.", e); + throw new ConfigurationException("service.09", new Object[]{e.getMessage()}, e); - } - - return result; + } } /** @@ -526,24 +554,35 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the connection parameter. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ - public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException { - ConnectionParameter result = null; - String serviceURL; + @Transactional + public ConnectionParameter getOnlineMandatesConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException { + String serviceURL = null; try { - serviceURL = configuration.getStringValue( - MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL); - if (serviceURL != null) { - result = - new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + //load OA specific MIS service URL if OA configuration exists + if (oaParameters != null) + serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_MIS_SERVICE_URL); + //get first entry from general configuration if no OA specific URL exists + if (MiscUtil.isEmpty(serviceURL)) { + List<String> serviceURLs = KeyValueUtils.getListOfCSVValues( + configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL)); + if (serviceURLs.size() > 0) + serviceURL = serviceURLs.get(0); + } + if (MiscUtil.isNotEmpty(serviceURL)) + return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + + else + throw new ConfigurationException("service.06", new Object[]{"NO MIS Service URL"}); + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { - Logger.warn("Loading SZRGW Service URL from configuration FAILED.", e); + Logger.warn("Initialize MIS service connection parameters FAILED.", e); + throw new ConfigurationException("service.06", new Object[]{e.getMessage()}, e); } - - return result; + } /** @@ -569,6 +608,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a list of transform infos. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link SecurityLayer}. */ + @Transactional public List<String> getTransformsInfos() throws ConfigurationException { try { String securityLayer = configuration.getStringValue( @@ -601,6 +641,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ + @Transactional public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException { ArrayList<String> identityLinkX509SubjectNames = new ArrayList<String>(); @@ -622,6 +663,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return list of default SLRequestTemplates. * @throws ConfigurationException is never thrown */ + @Transactional public List<String> getSLRequestTemplates() throws ConfigurationException { List<String> templatesList = new ArrayList<String>(); @@ -648,6 +690,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @throws ConfigurationException is never thrown */ + @Transactional public String getSLRequestTemplates(String type) throws ConfigurationException { String slRequestTemplate = null; @@ -683,6 +726,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return list of default BKUURLs. * @throws ConfigurationException is never thrown */ + @Transactional public List<String> getDefaultBKUURLs() throws ConfigurationException { List<String> bkuurlsList = new ArrayList<String>(); try { @@ -708,6 +752,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @throws ConfigurationException is never thrown */ + @Transactional public String getDefaultBKUURL(String type) throws ConfigurationException { String defaultBKUUrl = null; try { @@ -742,6 +787,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the SSOTagetIdentifier or {@code null} * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ + @Transactional public String getSSOTagetIdentifier() throws ConfigurationException { try { String value = configuration.getStringValue( @@ -762,6 +808,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @return the SSOFriendlyName or a default String */ + @Transactional public String getSSOFriendlyName() { try { return configuration.getStringValue( @@ -778,6 +825,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @return the SSOSpecialText or an empty String */ + @Transactional public String getSSOSpecialText() { try { String text = configuration.getStringValue( @@ -864,6 +912,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide return Boolean.valueOf(prop); } + @Transactional public List<String> getPublicURLPrefix() throws ConfigurationException{ try { String publicURLPrefixList = configuration.getStringValue( @@ -929,6 +978,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a new STORK Configuration or {@code null} * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ + @Transactional public IStorkConfig getStorkConfig() throws ConfigurationException { IStorkConfig result = null; try { @@ -1015,6 +1065,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return {@code true} if enable, {@code false} if disabled */ @Override + @Transactional public boolean isTrustmanagerrevoationchecking() { try { @@ -1033,6 +1084,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the path to the certstore directory or {@code null} */ @Override + @Transactional public String getCertstoreDirectory() { try { String path = rootConfigFileDir + configuration.getStringValue( @@ -1053,6 +1105,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } @Override + @Transactional public String getTrustedCACertificates() { try { String path = rootConfigFileDir + configuration.getStringValue( @@ -1079,6 +1132,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @param id the id of the requested online application * @return the requested online application or {@code null} */ + @Transactional public Map<String, String> getActiveOnlineApplication(String id) { Logger.trace("Get active OnlineApplication with ID " + id + " from database."); Map<String, String> oaConfig = null; @@ -1180,9 +1234,34 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.commons.api.AuthConfiguration#getRevocationMethodOrder() + */ + @Override + public String[] getRevocationMethodOrder() { + final String[] DEFAULTORDER = new String[] {RevocationSourceTypes.OCSP, RevocationSourceTypes.CRL}; + List<String> result = new ArrayList<String>(); + + String prop = properties.getProperty("configuration.ssl.validation.revocation.method.order"); + if (MiscUtil.isNotEmpty(prop)) { + String[] configOrder = prop.split(","); + for (String el : configOrder) { + if (RevocationSourceTypes.ALL.contains(el.trim())) { + result.add(el.trim()); + } + } + } + + if (result.isEmpty()) + return DEFAULTORDER; + else + return result.toArray(new String[result.size()]); + } + + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getDefaultRevisionsLogEventCodes() */ @Override + @Transactional public List<Integer> getDefaultRevisionsLogEventCodes() { try { String eventcodes = configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES); @@ -1215,6 +1294,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getMoaSpIdentityLinkTrustProfileID(boolean) */ @Override + @Transactional public String getMoaSpIdentityLinkTrustProfileID(boolean useTestTrustStore) throws ConfigurationException { if (useTestTrustStore) @@ -1227,6 +1307,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#isVirtualIDPsEnabled() */ @Override + @Transactional public boolean isVirtualIDPsEnabled() { try { String value = configuration.getStringValue( |