diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config')
6 files changed, 48 insertions, 411 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index d1872b2bc..1fa7e5eb2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -111,11 +111,10 @@ import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.data.IssuerAndSerial; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import eu.stork.vidp.messages.common.STORKBootstrap; /** * A class providing access to the Auth Part of the MOA-ID configuration data. - * + * * <p>Configuration data is read from an XML file, whose location is given by * the <code>moa.id.configuration</code> system property.</p> * <p>This class implements the Singleton pattern. The <code>reload()</code> @@ -364,9 +363,9 @@ public class AuthConfigurationProvider extends ConfigurationProvider { //Initialize OpenSAML for STORK - Logger.info("Starting initialization of OpenSAML..."); - STORKBootstrap.bootstrap(); - Logger.debug("OpenSAML successfully initialized"); +// Logger.info("Starting initialization of OpenSAML..."); +// STORKBootstrap.bootstrap(); +// Logger.debug("OpenSAML successfully initialized"); String legacyconfig = props.getProperty("configuration.xml.legacy"); @@ -456,12 +455,8 @@ public class AuthConfigurationProvider extends ConfigurationProvider { ForeignIdentities foreign = auth.getForeignIdentities(); if (foreign == null ) { Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); - - } - //TODO: commented because npe was thrown - //else - //storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir); - + } else + storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir); //load Chaining modes ChainingModes cm = moaidconfig.getChainingModes(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index aa886626a..998e28f6a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -59,6 +59,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; @@ -68,10 +69,6 @@ import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import eu.stork.vidp.messages.builder.STORKMessagesBuilder; -import eu.stork.vidp.messages.common.STORKConstants; -import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel; -import eu.stork.vidp.messages.stork.RequestedAttributes; /** * Configuration parameters belonging to an online application, @@ -100,21 +97,6 @@ public class OAAuthParameter extends OAParameter { this.keyBoxIdentifier = oa.getKeyBoxIdentifier().value(); } - - /** - * STORK QAA Level, Default = 4 - */ - private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4); - - /** - * STORK RequestedAttributes for Online Application - * Default RequestedAttributes are: eIdentifier, givenName, surname, dateOfBirth - */ - private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes( - STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null), - STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null), - STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null), - STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null)); private String keyBoxIdentifier; @@ -285,6 +267,15 @@ public boolean isOnlyMandateAllowed() { return false; } + /** + * Shall we show the stork login in the bku selection frontend? + * + * @return true, if is we should show stork login + */ + public boolean isShowStorkLogin() { + return oa_auth.getOASTORK().isStorkLogonEnabled(); + } + public Map<String, String> getFormCustomizaten() { TemplatesType templates = oa_auth.getTemplates(); @@ -330,18 +321,15 @@ public Map<String, String> getFormCustomizaten() { return map; } -/** - * @return the qaaLevel - */ -public QualityAuthenticationAssuranceLevel getQaaLevel() { - return qaaLevel; +public Integer getQaaLevel() { + return oa_auth.getOASTORK().getQaa(); } /** * @return the requestedAttributes */ -public RequestedAttributes getRequestedAttributes() { - return requestedAttributes; +public List<OAStorkAttribute> getRequestedAttributes() { + return oa_auth.getOASTORK().getOAAttributes(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java index 8e24bdfdd..f515ea6bd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java @@ -36,16 +36,11 @@ import java.util.Map; import java.util.Properties; import java.util.Set; -import org.opensaml.saml2.metadata.RequestedAttribute; import org.w3c.dom.Element; -import eu.stork.vidp.messages.util.SAMLUtil; -import eu.stork.vidp.messages.util.XMLUtil; - import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; -import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; @@ -55,8 +50,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; -import at.gv.egovernment.moa.id.commons.db.dao.config.KeyName; -import at.gv.egovernment.moa.id.commons.db.dao.config.KeyStore; import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; @@ -70,13 +63,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; -import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter; import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; -import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; -import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureCreationParameterType; -import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; @@ -305,63 +294,6 @@ public class BuildFromLegacyConfig { parseConnectionParameterClientAuth(foreignIDConnectionParameter); auth_foreign.setConnectionParameter(auth_foreign_connection); - //set STORK configuration - STORKConfig storkConfig = new STORKConfig(builder.buildSTORKSignatureCreationParameter(),builder.buildSTORKSignatureVerificationParameter(), builder.buildSTORKcPEPSMap()); - STORK auth_foreign_stork = new STORK(); - auth_foreign.setSTORK(auth_foreign_stork); - - //set CPEPS - Map<String, at.gv.egovernment.moa.id.config.legacy.CPEPS> map = storkConfig.getCpepsMap(); - Set<String> map_keys = map.keySet(); - List<CPEPS> auth_foreign_stork_cpeps = new ArrayList<CPEPS>(); - for (String key : map_keys) { - CPEPS cpep = new CPEPS(); - cpep.setCountryCode(map.get(key).getCountryCode()); - cpep.setURL(map.get(key).getPepsURL().toExternalForm()); //check correctness!!!! - - List<String> cpep_reqs = new ArrayList<String>(); - - List<RequestedAttribute> map1 = map.get(key).getCountrySpecificRequestedAttributes(); - for (RequestedAttribute e1 : map1) { - Element element = SAMLUtil.marshallMessage(e1); - cpep_reqs.add(XMLUtil.printXML(element)); - } - cpep.setAttributeValue(cpep_reqs); - auth_foreign_stork_cpeps.add(cpep); - } - auth_foreign_stork.setCPEPS(auth_foreign_stork_cpeps); - - - //set SAMLSigningParameter - if (storkConfig.getSignatureCreationParameter() != null && - storkConfig.getSignatureVerificationParameter() != null) { - SAMLSigningParameter auth_foreign_stork_samlSign = new SAMLSigningParameter(); - auth_foreign_stork.setSAMLSigningParameter(auth_foreign_stork_samlSign); - - SignatureCreationParameterType stork_saml_creat = new SignatureCreationParameterType(); - auth_foreign_stork_samlSign.setSignatureCreationParameter(stork_saml_creat); - KeyStore stork_saml_creat_keystore = new KeyStore(); - stork_saml_creat.setKeyStore(stork_saml_creat_keystore); - stork_saml_creat_keystore.setPassword(storkConfig.getSignatureCreationParameter().getKeyStorePassword()); - stork_saml_creat_keystore.setValue(storkConfig.getSignatureCreationParameter().getKeyStorePath()); - KeyName stork_saml_creat_keyname = new KeyName(); - stork_saml_creat.setKeyName(stork_saml_creat_keyname); - stork_saml_creat_keyname.setValue(storkConfig.getSignatureCreationParameter().getKeyName()); - stork_saml_creat_keyname.setPassword(storkConfig.getSignatureCreationParameter().getKeyPassword()); - - - - SignatureVerificationParameterType stork_saml_verify = new SignatureVerificationParameterType(); - auth_foreign_stork_samlSign.setSignatureVerificationParameter(stork_saml_verify); - stork_saml_verify.setTrustProfileID(storkConfig.getSignatureVerificationParameter().getTrustProfileID()); - - } - - //TODO: check correctness - //set QualityAuthenticationAssurance - //set RequestedAttbutes - - //set OnlineMandates config ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter(); if (onlineMandatesConnectionParameter != null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java index 45ed39bd4..6ad45d8c9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java @@ -52,8 +52,6 @@ import iaik.utils.RFC2253NameParserException; import java.io.IOException; import java.math.BigInteger; -import java.net.MalformedURLException; -import java.net.URL; import java.security.Principal; import java.util.ArrayList; import java.util.HashMap; @@ -63,8 +61,6 @@ import java.util.List; import java.util.Map; import java.util.Vector; -import org.opensaml.saml2.metadata.RequestedAttribute; -import org.opensaml.ws.message.encoder.MessageEncodingException; import org.w3c.dom.Attr; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -78,9 +74,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.legacy.OAAuthParameter; import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameter; import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameters; -import at.gv.egovernment.moa.id.config.legacy.CPEPS; import at.gv.egovernment.moa.id.config.legacy.SignatureCreationParameter; -import at.gv.egovernment.moa.id.config.legacy.SignatureVerificationParameter; import at.gv.egovernment.moa.id.data.IssuerAndSerial; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; @@ -88,15 +82,9 @@ import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.FileUtils; -import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; import at.gv.egovernment.moa.util.XPathException; import at.gv.egovernment.moa.util.XPathUtils; -import eu.stork.vidp.messages.builder.STORKMessagesBuilder; -import eu.stork.vidp.messages.common.STORKConstants; -import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel; -import eu.stork.vidp.messages.stork.RequestedAttributes; -import eu.stork.vidp.messages.util.SAMLUtil; /** * A class that builds configuration data from a DOM based representation. @@ -1241,170 +1229,6 @@ public List getTrustedTemplateURLs() { } /** - * Creates a SignatureVerificationParameter object from the MOA-ID configuration - * This configuration object contains the TrustProfile to be used for signature verification (STORK SAML Signature Verification) - * - * @return TrustProfileID for signature verification (STORK SAML Signature Verification) - */ - public SignatureVerificationParameter buildSTORKSignatureVerificationParameter() { - - Logger.debug("Loading STORK signature verification parameters."); - - Element signatureVerificationParameterElement = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER); - if (signatureVerificationParameterElement == null) { - Logger.debug("No STORK verification parameters found, " +AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER + "is missing."); - return null; - } - - SignatureVerificationParameter signatureVerificationParameter = new SignatureVerificationParameter(); - - String trustProfileID = XPathUtils.getElementValue(signatureVerificationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID, null); - if (StringUtils.isEmpty(trustProfileID)) { - Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID + "is missing."); - return null; - } - Logger.trace("Using the following MOA-SP TrustProfile for STORK SAML signature verification: " + trustProfileID); - signatureVerificationParameter.setTrustProfileID(trustProfileID); - - Logger.info("STORK signature verification parameters loaded."); - - return signatureVerificationParameter; - } - - /** - * Builds a C-PEPS object from configuration - * @param cpepsElement DOM Element of C-PEPS from configuration - * @return C-PEPS object - */ - public CPEPS buildSTORKCpeps(Element cpepsElement) { - - String countryCode = cpepsElement.getAttribute(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE); - String cpepsURLString = cpepsElement.getAttribute(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL); - if (StringUtils.isEmpty(countryCode)) { - Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE + "is missing."); - return null; - } - if (StringUtils.isEmpty(cpepsURLString)) { - Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL + "is missing."); - return null; - } - - URL cpepsURL; - try { - cpepsURL = new URL(cpepsURLString); - } catch (MalformedURLException e) { - Logger.error("Provided CPEPS-URL (" + cpepsURLString + ") for country " + countryCode + " is not a URL", e); - return null; - } - CPEPS cpeps = new CPEPS(countryCode, cpepsURL); - Logger.debug("Adding C-PEPS for country: " + cpeps.getCountryCode() + ", URL: " + cpeps.getPepsURL()); - - Element reqAttributeElement; - NodeIterator reqAttributeIterator = XPathUtils.selectNodeIterator(cpepsElement, AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_REQUESTED_ATTRIBUTES); - - while ((reqAttributeElement = (Element) reqAttributeIterator.nextNode()) != null) { - RequestedAttribute requestedAttribute; - try { - requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(reqAttributeElement); - } catch (MessageEncodingException e) { - Logger.error("Provided RequestedAttributes for CPEPS from country " + countryCode + " is malformed.", e); - return null; - } - //only add if STORK attribute is correct - if (STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(requestedAttribute.getName())) { - cpeps.addCountrySpecificRequestedAttribute(requestedAttribute); - Logger.debug("Adding also country specific requested attribute for C-PEPS (" + countryCode + "): " + requestedAttribute.getName() + ", isRequired: " + requestedAttribute.isRequired()); - } else { - Logger.warn("Skipping addition of requested STORK Attribute, attribute unknown : " + requestedAttribute.getName()); - } - - } - - return cpeps; - } - - /** - * Builds the supported C-PEPS Map from configuration - * @return Map of C-PEPS - */ - public Map<String, CPEPS> buildSTORKcPEPSMap() { - - Logger.debug("Loading STORK C-PEPS information"); - - Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>(); - - NodeIterator cpepsIterator = XPathUtils.selectNodeIterator(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_CPEPS); - - Element cpepsElement; - CPEPS cpeps; - - while ((cpepsElement = (Element) cpepsIterator.nextNode()) != null) { - cpeps = buildSTORKCpeps(cpepsElement); - if (cpeps != null) { - cpepsMap.put(cpeps.getCountryCode(), cpeps); - } - } - - if(!cpepsMap.isEmpty()) { - Logger.info("STORK C-PEPS information loaded"); - } - - return cpepsMap; - - } - - /** - * Builds the required STORK QAALevel for this OA - * @param authComponentElement DOM Element of AuthComponent (from MOA configuration) - * @return STORK QAALevel for this OA - */ - public QualityAuthenticationAssuranceLevel buildOaSTORKQAALevel(Element authComponentElement) { - Element qaaLevelElement = (Element)XPathUtils.selectSingleNode(authComponentElement, OA_AUTH_COMPONENT_STORK_QAA); - - if (qaaLevelElement == null) return null; - - try { - QualityAuthenticationAssuranceLevel qaaLevel = (QualityAuthenticationAssuranceLevel) SAMLUtil.unmarshallMessage(qaaLevelElement); - return qaaLevel; - } catch (MessageEncodingException e) { - Logger.error("Could not build STORK QAALevel, using default."); - return null; - } - - } - - /** - * Builds the Requested Attributes specific for an OA - * @param authComponentElement DOM Element of AuthComponent (from MOA configuration) - * @return STORK RequestedAttributes for this OA - */ - public RequestedAttributes buildOaSTORKRequestedAttributes(Element authComponentElement) { - List<RequestedAttribute> reqAttributeList = new ArrayList<RequestedAttribute>(); - - - Element reqAttributeElement; - NodeIterator reqAttributeIterator = XPathUtils.selectNodeIterator(authComponentElement, OA_AUTH_COMPONENT_STORK_REQUESTED_ATTRIBUTE); - - while ((reqAttributeElement = (Element) reqAttributeIterator.nextNode()) != null) { - RequestedAttribute requestedAttribute; - try { - requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(reqAttributeElement); - } catch (MessageEncodingException e) { - Logger.error("Provided RequestedAttributes Online Application is malformed.", e); - return null; - } - //only add if STORK attribute is correct - if (STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(requestedAttribute.getName())) { - reqAttributeList.add(requestedAttribute); - } else { - Logger.warn("Skipping addition of requested STORK Attribute, attribute unknown : " + requestedAttribute.getName()); - } - } - - return STORKMessagesBuilder.buildRequestedAttributes(reqAttributeList); - } - - /** * Method warn. * @param messageId to identify a country-specific message * @param parameters for the logger diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java index 01977c239..6bdbd38d8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java @@ -46,15 +46,6 @@ package at.gv.egovernment.moa.id.config.legacy; -import java.util.ArrayList; - -import org.opensaml.saml2.metadata.RequestedAttribute; - -import eu.stork.vidp.messages.builder.STORKMessagesBuilder; -import eu.stork.vidp.messages.common.STORKConstants; -import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel; -import eu.stork.vidp.messages.stork.RequestedAttributes; - /** * Configuration parameters belonging to an online application, * to use with the MOA ID Auth component. @@ -151,22 +142,6 @@ public class OAAuthParameter extends OAParameter { */ private String identityLinkDomainIdentifierType; - /** - * STORK QAA Level, Default = 4 - */ - private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4); - - /** - * STORK RequestedAttributes for Online Application - * Default RequestedAttributes are: eIdentifier, givenName, surname, dateOfBirth - */ - private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes( - STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null), - STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null), - STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null), - STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null)); - - /** * Returns <code>true</code> if the Security Layer version is version 1.2, * otherwise <code>false</code>. @@ -486,38 +461,4 @@ public class OAAuthParameter extends OAParameter { return this.mandateProfiles; } - /** - * Returns the defined STORK QAALevel - * @return STORK QAALevel - */ - public QualityAuthenticationAssuranceLevel getQaaLevel() { - return qaaLevel; - } - - /** - * Sets the STORK QAALevel - * @param qaaLevel - */ - public void setQaaLevel(QualityAuthenticationAssuranceLevel qaaLevel) { - this.qaaLevel = qaaLevel; - } - - /** - * Returns the desired STORK Requested Attributes - * @return STORK Requested Attributes - */ - public RequestedAttributes getRequestedAttributes() { - return requestedAttributes; - } - - /** - * Sets the desired STORK Requested Attributes - * @param requestedAttributes - */ - public void setRequestedAttributes(RequestedAttributes requestedAttributes) { - this.requestedAttributes = requestedAttributes; - } - - - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java index 76cd8f994..463930fd7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java @@ -21,11 +21,10 @@ * that you distribute must include a readable copy of the "NOTICE" text file.
*******************************************************************************/
/**
- *
+ *
*/
package at.gv.egovernment.moa.id.config.stork;
-import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
@@ -34,133 +33,91 @@ import java.util.List; import java.util.Map;
import java.util.Properties;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
-
-import eu.stork.vidp.messages.util.SAMLUtil;
-import eu.stork.vidp.messages.util.XMLUtil;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.RequestedAttributeType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;
/**
* Encapsulates several STORK configuration parameters according MOA configuration
- *
+ *
* @author bzwattendorfer
*
*/
public class STORKConfig {
-
+
/** STORK SAML signature creation parameters */
private Properties props = null;
private Map<String, CPEPS> cpepsMap = null;
private String basedirectory = null;
private SignatureVerificationParameter sigverifyparam = null;
-
-
+ private List<StorkAttribute> attr = null;
+
+
public STORKConfig(STORK stork, Properties props, String basedirectory) {
this.basedirectory = basedirectory;
this.props = props;
-
+
//create CPEPS map
List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
cpepsMap = new HashMap<String, CPEPS>();
-
+
for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
-
+
try {
CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()));
-
- List<String> attr = cpep.getAttributeValue();
-
- ArrayList<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
-
- for (String e1 : attr) {
- Element element = XMLUtil.stringToDOM(e1);
- RequestedAttribute requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(element);
- requestedAttributes.add(requestedAttribute);
- }
- moacpep.setCountrySpecificRequestedAttributes(requestedAttributes);
-
+
cpepsMap.put(cpep.getCountryCode(), moacpep);
-
+
} catch (MalformedURLException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+ Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+ cpep.getCountryCode() + " has an invalid URL and is ignored.");
- } catch (ParserConfigurationException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (SAXException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (IOException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (MessageEncodingException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
}
}
- SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();
-
- if (samlsign == null) {
- Logger.warn("Error in MOA-ID Configuration. No STORK->SAMLSigningParameter configuration found.");
- } else {
- SignatureVerificationParameterType sigverify = samlsign.getSignatureVerificationParameter();
-
- if (sigverify == null) {
- Logger.warn("Error in MOA-ID Configuration. No STORK->SignatureVerificationParameter configuration found.");
-
- } else {
- sigverifyparam = new SignatureVerificationParameter(sigverify.getTrustProfileID());
- }
+ attr = new ArrayList<StorkAttribute>();
+ for(StorkAttribute current : stork.getAttributes()) {
+ attr.add(current);
}
-
+
}
public SignatureCreationParameter getSignatureCreationParameter() {
-
+
return new SignatureCreationParameter(props, basedirectory);
}
public SignatureVerificationParameter getSignatureVerificationParameter() {
-
- return sigverifyparam;
+
+ return sigverifyparam;
}
public Map<String, CPEPS> getCpepsMap() {
return cpepsMap;
}
-
+
public boolean isSTORKAuthentication(String ccc) {
-
+
if (StringUtils.isEmpty(ccc) || this.cpepsMap.isEmpty())
return false;
-
+
if (this.cpepsMap.containsKey(ccc.toUpperCase()))
return true;
else
return false;
-
+
}
-
+
public CPEPS getCPEPS(String ccc) {
if (isSTORKAuthentication(ccc))
return this.cpepsMap.get(ccc);
else
return null;
}
-
+ public List<StorkAttribute> getStorkAttributes() {
+ return attr;
+ }
}
|