Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java17
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java40
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java68
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java176
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java59
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java99
6 files changed, 48 insertions, 411 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index d1872b2bc..1fa7e5eb2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -111,11 +111,10 @@ import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
-import eu.stork.vidp.messages.common.STORKBootstrap;
/**
* A class providing access to the Auth Part of the MOA-ID configuration data.
- *
+ *
* <p>Configuration data is read from an XML file, whose location is given by
* the <code>moa.id.configuration</code> system property.</p>
* <p>This class implements the Singleton pattern. The <code>reload()</code>
@@ -364,9 +363,9 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
//Initialize OpenSAML for STORK
- Logger.info("Starting initialization of OpenSAML...");
- STORKBootstrap.bootstrap();
- Logger.debug("OpenSAML successfully initialized");
+// Logger.info("Starting initialization of OpenSAML...");
+// STORKBootstrap.bootstrap();
+// Logger.debug("OpenSAML successfully initialized");
String legacyconfig = props.getProperty("configuration.xml.legacy");
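Review bot: The three bootstrap lines are left behind as `//` comments instead of being deleted, and the `//Initialize OpenSAML for STORK` comment above them now describes nothing. With the `STORKBootstrap` import removed in the first hunk they cannot be re-enabled as written, so I would drop them and, if OpenSAML is initialised elsewhere now, replace the stale comment with one line saying where. Nothing visible in this diff shows a replacement initialisation, so that is worth confirming for any code path that still parses STORK SAML messages. The enclosing method starts and ends outside the hunk.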
@@ -456,12 +455,8 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
ForeignIdentities foreign = auth.getForeignIdentities();
if (foreign == null ) {
Logger.warn("Error in MOA-ID Configuration. No STORK configuration found.");
-
- }
- //TODO: commented because npe was thrown
- //else
- //storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir);
-
+ } else
+ storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir);
//load Chaining modes
ChainingModes cm = moaidconfig.getChainingModes();
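Review bot: The re-enabled `else` branch passes `foreign.getSTORK()` to the `STORKConfig` constructor without a null check, and that constructor (see the STORKConfig.java hunk) dereferences it straight away with `stork.getCPEPS()` and `stork.getAttributes()`. The removed TODO says this line was disabled because it threw a NullPointerException, and this same commit deletes the `auth_foreign.setSTORK(...)` call from BuildFromLegacyConfig, so a configuration converted from the legacy format looks likely to arrive here with no STORK element. I would guard it with `} else if (foreign.getSTORK() != null) {`, log a warning in the remaining case, and brace both branches. The surrounding method starts and ends outside the hunk.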
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index aa886626a..998e28f6a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -59,6 +59,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
@@ -68,10 +69,6 @@ import at.gv.egovernment.moa.id.config.OAParameter;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
/**
* Configuration parameters belonging to an online application,
@@ -100,21 +97,6 @@ public class OAAuthParameter extends OAParameter {
this.keyBoxIdentifier = oa.getKeyBoxIdentifier().value();
}
-
- /**
- * STORK QAA Level, Default = 4
- */
- private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4);
-
- /**
- * STORK RequestedAttributes for Online Application
- * Default RequestedAttributes are: eIdentifier, givenName, surname, dateOfBirth
- */
- private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes(
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null));
private String keyBoxIdentifier;
@@ -285,6 +267,15 @@ public boolean isOnlyMandateAllowed() {
return false;
}
+ /**
+ * Shall we show the stork login in the bku selection frontend?
+ *
+ * @return true, if is we should show stork login
+ */
+ public boolean isShowStorkLogin() {
+ return oa_auth.getOASTORK().isStorkLogonEnabled();
+ }
+
public Map<String, String> getFormCustomizaten() {
TemplatesType templates = oa_auth.getTemplates();
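Review bot: `isShowStorkLogin()` chains `oa_auth.getOASTORK().isStorkLogonEnabled()` with no null check, so an online application that has no STORK section would presumably throw a NullPointerException when the BKU selection front end asks for this flag; the same unguarded chain is used by `getQaaLevel()` and `getRequestedAttributes()` in the next hunk. Whether `getOASTORK()` can return null is not visible here, so this should be confirmed against the generated configuration class. A guard such as `return oa_auth.getOASTORK() != null && oa_auth.getOASTORK().isStorkLogonEnabled();` keeps the STORK login hidden when nothing is configured. The Javadoc `@return` line would also read better as `true if the STORK login should be shown`.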
@@ -330,18 +321,15 @@ public Map<String, String> getFormCustomizaten() {
return map;
}
-/**
- * @return the qaaLevel
- */
-public QualityAuthenticationAssuranceLevel getQaaLevel() {
- return qaaLevel;
+public Integer getQaaLevel() {
+ return oa_auth.getOASTORK().getQaa();
}
/**
* @return the requestedAttributes
*/
-public RequestedAttributes getRequestedAttributes() {
- return requestedAttributes;
+public List<OAStorkAttribute> getRequestedAttributes() {
+ return oa_auth.getOASTORK().getOAAttributes();
}
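Review bot: `getQaaLevel()` now returns whatever `getOASTORK().getQaa()` holds, so the default of 4 that the removed `qaaLevel` field carried is gone and the method can apparently return null. A caller that builds the STORK request from this value would then either fail on unboxing or treat a missing value as no assurance requirement, so I would keep the old fallback: `Integer qaa = oa_auth.getOASTORK().getQaa(); return qaa != null ? qaa : 4;`. The Javadoc was dropped along with the old getter, and the one on `getRequestedAttributes()` still says only `@return the requestedAttributes`; both should state what is returned (a STORK QAA level, a list of `OAStorkAttribute`) and whether null or an empty list is possible.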
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 8e24bdfdd..f515ea6bd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -36,16 +36,11 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
-import org.opensaml.saml2.metadata.RequestedAttribute;
import org.w3c.dom.Element;
-import eu.stork.vidp.messages.util.SAMLUtil;
-import eu.stork.vidp.messages.util.XMLUtil;
-
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
@@ -55,8 +50,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.KeyName;
-import at.gv.egovernment.moa.id.commons.db.dao.config.KeyStore;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
@@ -70,13 +63,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
-import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureCreationParameterType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
@@ -305,63 +294,6 @@ public class BuildFromLegacyConfig {
parseConnectionParameterClientAuth(foreignIDConnectionParameter);
auth_foreign.setConnectionParameter(auth_foreign_connection);
- //set STORK configuration
- STORKConfig storkConfig = new STORKConfig(builder.buildSTORKSignatureCreationParameter(),builder.buildSTORKSignatureVerificationParameter(), builder.buildSTORKcPEPSMap());
- STORK auth_foreign_stork = new STORK();
- auth_foreign.setSTORK(auth_foreign_stork);
-
- //set CPEPS
- Map<String, at.gv.egovernment.moa.id.config.legacy.CPEPS> map = storkConfig.getCpepsMap();
- Set<String> map_keys = map.keySet();
- List<CPEPS> auth_foreign_stork_cpeps = new ArrayList<CPEPS>();
- for (String key : map_keys) {
- CPEPS cpep = new CPEPS();
- cpep.setCountryCode(map.get(key).getCountryCode());
- cpep.setURL(map.get(key).getPepsURL().toExternalForm()); //check correctness!!!!
-
- List<String> cpep_reqs = new ArrayList<String>();
-
- List<RequestedAttribute> map1 = map.get(key).getCountrySpecificRequestedAttributes();
- for (RequestedAttribute e1 : map1) {
- Element element = SAMLUtil.marshallMessage(e1);
- cpep_reqs.add(XMLUtil.printXML(element));
- }
- cpep.setAttributeValue(cpep_reqs);
- auth_foreign_stork_cpeps.add(cpep);
- }
- auth_foreign_stork.setCPEPS(auth_foreign_stork_cpeps);
-
-
- //set SAMLSigningParameter
- if (storkConfig.getSignatureCreationParameter() != null &&
- storkConfig.getSignatureVerificationParameter() != null) {
- SAMLSigningParameter auth_foreign_stork_samlSign = new SAMLSigningParameter();
- auth_foreign_stork.setSAMLSigningParameter(auth_foreign_stork_samlSign);
-
- SignatureCreationParameterType stork_saml_creat = new SignatureCreationParameterType();
- auth_foreign_stork_samlSign.setSignatureCreationParameter(stork_saml_creat);
- KeyStore stork_saml_creat_keystore = new KeyStore();
- stork_saml_creat.setKeyStore(stork_saml_creat_keystore);
- stork_saml_creat_keystore.setPassword(storkConfig.getSignatureCreationParameter().getKeyStorePassword());
- stork_saml_creat_keystore.setValue(storkConfig.getSignatureCreationParameter().getKeyStorePath());
- KeyName stork_saml_creat_keyname = new KeyName();
- stork_saml_creat.setKeyName(stork_saml_creat_keyname);
- stork_saml_creat_keyname.setValue(storkConfig.getSignatureCreationParameter().getKeyName());
- stork_saml_creat_keyname.setPassword(storkConfig.getSignatureCreationParameter().getKeyPassword());
-
-
-
- SignatureVerificationParameterType stork_saml_verify = new SignatureVerificationParameterType();
- auth_foreign_stork_samlSign.setSignatureVerificationParameter(stork_saml_verify);
- stork_saml_verify.setTrustProfileID(storkConfig.getSignatureVerificationParameter().getTrustProfileID());
-
- }
-
- //TODO: check correctness
- //set QualityAuthenticationAssurance
- //set RequestedAttbutes
-
-
//set OnlineMandates config
ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter();
if (onlineMandatesConnectionParameter != null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
index 45ed39bd4..6ad45d8c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
@@ -52,8 +52,6 @@ import iaik.utils.RFC2253NameParserException;
import java.io.IOException;
import java.math.BigInteger;
-import java.net.MalformedURLException;
-import java.net.URL;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
@@ -63,8 +61,6 @@ import java.util.List;
import java.util.Map;
import java.util.Vector;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -78,9 +74,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.legacy.OAAuthParameter;
import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameter;
import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameters;
-import at.gv.egovernment.moa.id.config.legacy.CPEPS;
import at.gv.egovernment.moa.id.config.legacy.SignatureCreationParameter;
-import at.gv.egovernment.moa.id.config.legacy.SignatureVerificationParameter;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -88,15 +82,9 @@ import at.gv.egovernment.moa.util.BoolUtils;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.egovernment.moa.util.XPathException;
import at.gv.egovernment.moa.util.XPathUtils;
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-import eu.stork.vidp.messages.util.SAMLUtil;
/**
* A class that builds configuration data from a DOM based representation.
@@ -1241,170 +1229,6 @@ public List getTrustedTemplateURLs() {
}
/**
- * Creates a SignatureVerificationParameter object from the MOA-ID configuration
- * This configuration object contains the TrustProfile to be used for signature verification (STORK SAML Signature Verification)
- *
- * @return TrustProfileID for signature verification (STORK SAML Signature Verification)
- */
- public SignatureVerificationParameter buildSTORKSignatureVerificationParameter() {
-
- Logger.debug("Loading STORK signature verification parameters.");
-
- Element signatureVerificationParameterElement = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER);
- if (signatureVerificationParameterElement == null) {
- Logger.debug("No STORK verification parameters found, " +AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER + "is missing.");
- return null;
- }
-
- SignatureVerificationParameter signatureVerificationParameter = new SignatureVerificationParameter();
-
- String trustProfileID = XPathUtils.getElementValue(signatureVerificationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID, null);
- if (StringUtils.isEmpty(trustProfileID)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID + "is missing.");
- return null;
- }
- Logger.trace("Using the following MOA-SP TrustProfile for STORK SAML signature verification: " + trustProfileID);
- signatureVerificationParameter.setTrustProfileID(trustProfileID);
-
- Logger.info("STORK signature verification parameters loaded.");
-
- return signatureVerificationParameter;
- }
-
- /**
- * Builds a C-PEPS object from configuration
- * @param cpepsElement DOM Element of C-PEPS from configuration
- * @return C-PEPS object
- */
- public CPEPS buildSTORKCpeps(Element cpepsElement) {
-
- String countryCode = cpepsElement.getAttribute(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE);
- String cpepsURLString = cpepsElement.getAttribute(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL);
- if (StringUtils.isEmpty(countryCode)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE + "is missing.");
- return null;
- }
- if (StringUtils.isEmpty(cpepsURLString)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL + "is missing.");
- return null;
- }
-
- URL cpepsURL;
- try {
- cpepsURL = new URL(cpepsURLString);
- } catch (MalformedURLException e) {
- Logger.error("Provided CPEPS-URL (" + cpepsURLString + ") for country " + countryCode + " is not a URL", e);
- return null;
- }
- CPEPS cpeps = new CPEPS(countryCode, cpepsURL);
- Logger.debug("Adding C-PEPS for country: " + cpeps.getCountryCode() + ", URL: " + cpeps.getPepsURL());
-
- Element reqAttributeElement;
- NodeIterator reqAttributeIterator = XPathUtils.selectNodeIterator(cpepsElement, AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_REQUESTED_ATTRIBUTES);
-
- while ((reqAttributeElement = (Element) reqAttributeIterator.nextNode()) != null) {
- RequestedAttribute requestedAttribute;
- try {
- requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(reqAttributeElement);
- } catch (MessageEncodingException e) {
- Logger.error("Provided RequestedAttributes for CPEPS from country " + countryCode + " is malformed.", e);
- return null;
- }
- //only add if STORK attribute is correct
- if (STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(requestedAttribute.getName())) {
- cpeps.addCountrySpecificRequestedAttribute(requestedAttribute);
- Logger.debug("Adding also country specific requested attribute for C-PEPS (" + countryCode + "): " + requestedAttribute.getName() + ", isRequired: " + requestedAttribute.isRequired());
- } else {
- Logger.warn("Skipping addition of requested STORK Attribute, attribute unknown : " + requestedAttribute.getName());
- }
-
- }
-
- return cpeps;
- }
-
- /**
- * Builds the supported C-PEPS Map from configuration
- * @return Map of C-PEPS
- */
- public Map<String, CPEPS> buildSTORKcPEPSMap() {
-
- Logger.debug("Loading STORK C-PEPS information");
-
- Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>();
-
- NodeIterator cpepsIterator = XPathUtils.selectNodeIterator(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_CPEPS);
-
- Element cpepsElement;
- CPEPS cpeps;
-
- while ((cpepsElement = (Element) cpepsIterator.nextNode()) != null) {
- cpeps = buildSTORKCpeps(cpepsElement);
- if (cpeps != null) {
- cpepsMap.put(cpeps.getCountryCode(), cpeps);
- }
- }
-
- if(!cpepsMap.isEmpty()) {
- Logger.info("STORK C-PEPS information loaded");
- }
-
- return cpepsMap;
-
- }
-
- /**
- * Builds the required STORK QAALevel for this OA
- * @param authComponentElement DOM Element of AuthComponent (from MOA configuration)
- * @return STORK QAALevel for this OA
- */
- public QualityAuthenticationAssuranceLevel buildOaSTORKQAALevel(Element authComponentElement) {
- Element qaaLevelElement = (Element)XPathUtils.selectSingleNode(authComponentElement, OA_AUTH_COMPONENT_STORK_QAA);
-
- if (qaaLevelElement == null) return null;
-
- try {
- QualityAuthenticationAssuranceLevel qaaLevel = (QualityAuthenticationAssuranceLevel) SAMLUtil.unmarshallMessage(qaaLevelElement);
- return qaaLevel;
- } catch (MessageEncodingException e) {
- Logger.error("Could not build STORK QAALevel, using default.");
- return null;
- }
-
- }
-
- /**
- * Builds the Requested Attributes specific for an OA
- * @param authComponentElement DOM Element of AuthComponent (from MOA configuration)
- * @return STORK RequestedAttributes for this OA
- */
- public RequestedAttributes buildOaSTORKRequestedAttributes(Element authComponentElement) {
- List<RequestedAttribute> reqAttributeList = new ArrayList<RequestedAttribute>();
-
-
- Element reqAttributeElement;
- NodeIterator reqAttributeIterator = XPathUtils.selectNodeIterator(authComponentElement, OA_AUTH_COMPONENT_STORK_REQUESTED_ATTRIBUTE);
-
- while ((reqAttributeElement = (Element) reqAttributeIterator.nextNode()) != null) {
- RequestedAttribute requestedAttribute;
- try {
- requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(reqAttributeElement);
- } catch (MessageEncodingException e) {
- Logger.error("Provided RequestedAttributes Online Application is malformed.", e);
- return null;
- }
- //only add if STORK attribute is correct
- if (STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(requestedAttribute.getName())) {
- reqAttributeList.add(requestedAttribute);
- } else {
- Logger.warn("Skipping addition of requested STORK Attribute, attribute unknown : " + requestedAttribute.getName());
- }
- }
-
- return STORKMessagesBuilder.buildRequestedAttributes(reqAttributeList);
- }
-
- /**
* Method warn.
* @param messageId to identify a country-specific message
* @param parameters for the logger
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
index 01977c239..6bdbd38d8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
@@ -46,15 +46,6 @@
package at.gv.egovernment.moa.id.config.legacy;
-import java.util.ArrayList;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
/**
* Configuration parameters belonging to an online application,
* to use with the MOA ID Auth component.
@@ -151,22 +142,6 @@ public class OAAuthParameter extends OAParameter {
*/
private String identityLinkDomainIdentifierType;
- /**
- * STORK QAA Level, Default = 4
- */
- private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4);
-
- /**
- * STORK RequestedAttributes for Online Application
- * Default RequestedAttributes are: eIdentifier, givenName, surname, dateOfBirth
- */
- private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes(
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null));
-
-
/**
* Returns <code>true</code> if the Security Layer version is version 1.2,
* otherwise <code>false</code>.
@@ -486,38 +461,4 @@ public class OAAuthParameter extends OAParameter {
return this.mandateProfiles;
}
- /**
- * Returns the defined STORK QAALevel
- * @return STORK QAALevel
- */
- public QualityAuthenticationAssuranceLevel getQaaLevel() {
- return qaaLevel;
- }
-
- /**
- * Sets the STORK QAALevel
- * @param qaaLevel
- */
- public void setQaaLevel(QualityAuthenticationAssuranceLevel qaaLevel) {
- this.qaaLevel = qaaLevel;
- }
-
- /**
- * Returns the desired STORK Requested Attributes
- * @return STORK Requested Attributes
- */
- public RequestedAttributes getRequestedAttributes() {
- return requestedAttributes;
- }
-
- /**
- * Sets the desired STORK Requested Attributes
- * @param requestedAttributes
- */
- public void setRequestedAttributes(RequestedAttributes requestedAttributes) {
- this.requestedAttributes = requestedAttributes;
- }
-
-
-
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 76cd8f994..463930fd7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -21,11 +21,10 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*******************************************************************************/
/**
- *
+ *
*/
package at.gv.egovernment.moa.id.config.stork;
-import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
@@ -34,133 +33,91 @@ import java.util.List;
import java.util.Map;
import java.util.Properties;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
-
-import eu.stork.vidp.messages.util.SAMLUtil;
-import eu.stork.vidp.messages.util.XMLUtil;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.RequestedAttributeType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;
/**
* Encapsulates several STORK configuration parameters according MOA configuration
- *
+ *
* @author bzwattendorfer
*
*/
public class STORKConfig {
-
+
/** STORK SAML signature creation parameters */
private Properties props = null;
private Map<String, CPEPS> cpepsMap = null;
private String basedirectory = null;
private SignatureVerificationParameter sigverifyparam = null;
-
-
+ private List<StorkAttribute> attr = null;
+
+
public STORKConfig(STORK stork, Properties props, String basedirectory) {
this.basedirectory = basedirectory;
this.props = props;
-
+
//create CPEPS map
List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
cpepsMap = new HashMap<String, CPEPS>();
-
+
for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
-
+
try {
CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()));
-
- List<String> attr = cpep.getAttributeValue();
-
- ArrayList<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
-
- for (String e1 : attr) {
- Element element = XMLUtil.stringToDOM(e1);
- RequestedAttribute requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(element);
- requestedAttributes.add(requestedAttribute);
- }
- moacpep.setCountrySpecificRequestedAttributes(requestedAttributes);
-
+
cpepsMap.put(cpep.getCountryCode(), moacpep);
-
+
} catch (MalformedURLException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+ Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+ cpep.getCountryCode() + " has an invalid URL and is ignored.");
- } catch (ParserConfigurationException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (SAXException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (IOException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (MessageEncodingException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
}
}
- SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();
-
- if (samlsign == null) {
- Logger.warn("Error in MOA-ID Configuration. No STORK->SAMLSigningParameter configuration found.");
- } else {
- SignatureVerificationParameterType sigverify = samlsign.getSignatureVerificationParameter();
-
- if (sigverify == null) {
- Logger.warn("Error in MOA-ID Configuration. No STORK->SignatureVerificationParameter configuration found.");
-
- } else {
- sigverifyparam = new SignatureVerificationParameter(sigverify.getTrustProfileID());
- }
+ attr = new ArrayList<StorkAttribute>();
+ for(StorkAttribute current : stork.getAttributes()) {
+ attr.add(current);
}
-
+
}
public SignatureCreationParameter getSignatureCreationParameter() {
-
+
return new SignatureCreationParameter(props, basedirectory);
}
public SignatureVerificationParameter getSignatureVerificationParameter() {
-
- return sigverifyparam;
+
+ return sigverifyparam;
}
public Map<String, CPEPS> getCpepsMap() {
return cpepsMap;
}
-
+
public boolean isSTORKAuthentication(String ccc) {
-
+
if (StringUtils.isEmpty(ccc) || this.cpepsMap.isEmpty())
return false;
-
+
if (this.cpepsMap.containsKey(ccc.toUpperCase()))
return true;
else
return false;
-
+
}
-
+
public CPEPS getCPEPS(String ccc) {
if (isSTORKAuthentication(ccc))
return this.cpepsMap.get(ccc);
else
return null;
}
-
+ public List<StorkAttribute> getStorkAttributes() {
+ return attr;
+ }
}
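Review bot: After this change nothing in the constructor assigns `sigverifyparam`, so `getSignatureVerificationParameter()` always returns null; the block that built it from `stork.getSAMLSigningParameter()` was removed without a replacement. Any caller that takes the trust profile for verifying STORK SAML signatures from this getter will now receive null, and how it behaves in that case is not visible in this diff. Either populate the field from wherever the trust profile is configured now, or remove the field and getter so that remaining callers fail at compile time. Two smaller points in the same hunk: `stork.getAttributes()` is iterated without a null check, and `getStorkAttributes()` hands out the internal mutable list, where `Collections.unmodifiableList(attr)` would be safer.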