diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java | 454 |
1 files changed, 0 insertions, 454 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java deleted file mode 100644 index b87574d52..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java +++ /dev/null @@ -1,454 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.moduls; - -import java.io.Serializable; -import java.net.MalformedURLException; -import java.net.URL; -import java.util.Collection; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; - -import org.opensaml.saml2.metadata.provider.MetadataProvider; - -import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; -import at.gv.egovernment.moa.id.commons.MOAIDConstants; -import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; -import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; -import at.gv.egovernment.moa.id.commons.api.IRequest; -import at.gv.egovernment.moa.id.commons.api.data.AuthProzessDataConstants; -import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; -import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; -import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public abstract class RequestImpl implements IRequest, Serializable{ - - public static final String DATAID_INTERFEDERATIOIDP_URL = "interIDPURL"; - public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "interIDPResponse"; - public static final String DATAID_REQUESTED_ATTRIBUTES = "requestedAttributes"; - public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "interIDPEntityID"; - - public static final String DATAID_REQUESTER_IP_ADDRESS = "requesterIP"; - -// public static final String eIDAS_GENERIC_REQ_DATA_COUNTRY = "country"; - public static final String eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE = "eIDAS_LoA"; - - - - private static final long serialVersionUID = 1L; - - private String module = null; - private String action = null; - - private String requestID; - private String processInstanceId; - private String ssoMoaSessionId; - - private String uniqueTransactionIdentifer; - private String uniqueSessionIdentifer; - - private String oaURL; - private String authURL = null; - - private IOAAuthParameters OAConfiguration = null; - - private boolean passiv = false; - private boolean force = false; - private boolean needSSO = false; - private boolean isAbortedByUser = false; - - //every request needs authentication by default - private boolean needAuthentication = true; - - //every request is not authenticated by default - private boolean isAuthenticated = false; - - private Map<String, Object> genericDataStorage = new HashMap<String, Object>(); - - private IAuthenticationSession moaSSOSessionContainer = null; - - - /** - * @throws ConfigurationException - * - */ - public final void initialize(HttpServletRequest req) throws ConfigurationException { - //set requestID - requestID = Random.nextLongRandom(); - - //set unique transaction identifier for logging - uniqueTransactionIdentifer = Random.nextLongRandom(); - TransactionIDUtils.setTransactionId(uniqueTransactionIdentifer); - - //initialize session object - genericDataStorage.put(AuthProzessDataConstants.VALUE_CREATED, new Date()); - genericDataStorage.put(AuthProzessDataConstants.VALUE_SESSIONID, Random.nextLongRandom()); - - //check if End-Point is valid - String authURLString = HTTPUtils.extractAuthURLFromRequest(req); - URL authURL; - try { - authURL = new URL(authURLString); - - } catch (MalformedURLException e) { - Logger.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authURLString, e); - throw new ConfigurationException("1299", null, e); - - } - - AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); - List<String> configuredPublicURLPrefix = config.getPublicURLPrefix(); - - if (!config.isVirtualIDPsEnabled()) { - Logger.trace("Virtual IDPs are disabled. Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0)); - this.authURL = configuredPublicURLPrefix.get(0); - - } else { - Logger.debug("Extract AuthenticationServiceURL: " + authURLString); - URL resultURL = null; - - for (String el : configuredPublicURLPrefix) { - try { - URL configuredURL = new URL(el); - - //get Ports from URL - int configPort = configuredURL.getPort(); - if (configPort == -1) - configPort = configuredURL.getDefaultPort(); - - int authURLPort = authURL.getPort(); - if (authURLPort == -1) - authURLPort = authURL.getDefaultPort(); - - //check AuthURL against ConfigurationURL - if (configuredURL.getHost().equals(authURL.getHost()) && - configPort == authURLPort && - configuredURL.getPath().equals(authURL.getPath())) { - Logger.debug("Select configurated PublicURLPrefix: " + configuredURL - + " for authURL: " + authURLString); - resultURL = configuredURL; - } - - } catch (MalformedURLException e) { - Logger.error("Configurated IDP PublicURLPrefix is not a valid URL." + el); - - } - } - - if (resultURL == null) { - Logger.warn("Extract AuthenticationServiceURL: " + authURL + " is NOT found in configuration."); - throw new ConfigurationException("config.25", new Object[]{authURLString}); - - } else { - this.authURL = resultURL.toExternalForm(); - - } - } - - //set unique session identifier - String uniqueID = (String) req.getAttribute(MOAIDConstants.UNIQUESESSIONIDENTIFIER); - if (MiscUtil.isNotEmpty(uniqueID)) - uniqueSessionIdentifer = uniqueID; - - else - Logger.warn("No unique session-identifier FOUND, but it should be allready set into request!?!"); - - //set requester's IP address - try { - setGenericDataToSession(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr()); - - } catch (SessionDataStorageException e) { - Logger.warn("Can not store remote IP address to 'pendingRequest' during an exception." , e); - - } - - } - - /** - * This method map the protocol specific requested attributes to PVP 2.1 attributes. - * - * @return List of PVP 2.1 attribute names with maps all protocol specific attributes - */ - public abstract Collection<String> getRequestedAttributes(MetadataProvider metadataProvider); - - public void setOAURL(String value) { - oaURL = value; - } - - public String getOAURL() { - return oaURL; - } - - public boolean isPassiv() { - return passiv; - } - - public boolean forceAuth() { - return force; - } - - public void setPassiv(boolean passiv) { - this.passiv = passiv; - } - - public void setForce(boolean force) { - this.force = force; - } - - public String requestedAction() { - return action; - } - - public void setAction(String action) { - this.action = action; - } - - /** - * @return the module - */ - public String requestedModule() { - return module; - } - - /** - * @param module the module to set - */ - public void setModule(String module) { - this.module = module; - } - - public void setRequestID(String id) { - this.requestID = id; - - } - - public String getRequestID() { - return requestID; - } - - public String getInternalSSOSessionIdentifier() { - return this.ssoMoaSessionId; - } - - /** - * Set the internal SSO session identifier, which associated with this pending request - * - * @param internalSSOSessionId - */ - public void setInternalSSOSessionIdentifier(String internalSSOSessionId) { - this.ssoMoaSessionId = internalSSOSessionId; - - } - - public IAuthenticationSession getMOASession() { - //if SSO session information are set, use this - if (moaSSOSessionContainer != null) - return moaSSOSessionContainer; - - else - return new AuthenticationSessionWrapper(genericDataStorage); - - } - - public void populateMOASessionWithSSOInformation(IAuthenticationSession ssoSession) { - if (ssoSession instanceof AuthenticationSession) { - moaSSOSessionContainer = ssoSession; - - } else - throw new IllegalStateException("Session information can only be populated with SSO information from database"); - - - } - - - public IOAAuthParameters getOnlineApplicationConfiguration() { - return this.OAConfiguration; - - } - - public void setOnlineApplicationConfiguration(IOAAuthParameters oaConfig) { - this.OAConfiguration = oaConfig; - - } - - public String getUniqueTransactionIdentifier() { - return this.uniqueTransactionIdentifer; - - } - - public String getUniqueSessionIdentifier() { - return this.uniqueSessionIdentifer; - - } - - public String getProcessInstanceId() { - return this.processInstanceId; - - } - - public void setUniqueTransactionIdentifier(String id) { - this.uniqueTransactionIdentifer = id; - - } - - public void setUniqueSessionIdentifier(String id) { - this.uniqueSessionIdentifer = id; - - } - - public void setProcessInstanceId(String id) { - this.processInstanceId = id; - - } - - /** - * @return the authURL - */ - public String getAuthURL() { - return authURL; - } - - public String getAuthURLWithOutSlash() { - if (authURL.endsWith("/")) - return authURL.substring(0, authURL.length()-1); - else - return authURL; - - } - - /** - * @return the needAuthentication - */ - public boolean isNeedAuthentication() { - return needAuthentication; - } - - /** - * @param needAuthentication the needAuthentication to set - */ - public void setNeedAuthentication(boolean needAuthentication) { - this.needAuthentication = needAuthentication; - } - - /** - * @return the isAuthenticated - */ - public boolean isAuthenticated() { - return isAuthenticated; - } - - /** - * @param isAuthenticated the isAuthenticated to set - */ - public void setAuthenticated(boolean isAuthenticated) { - this.isAuthenticated = isAuthenticated; - } - - public boolean needSingleSignOnFunctionality() { - return needSSO; - } - public void setNeedSingleSignOnFunctionality(boolean needSSO) { - this.needSSO = needSSO; - - } - - public boolean isAbortedByUser() { - return this.isAbortedByUser; - } - - public void setAbortedByUser(boolean isAborted) { - this.isAbortedByUser = isAborted; - - } - - public Object getGenericData(String key) { - if (MiscUtil.isNotEmpty(key)) { - return genericDataStorage.get(key); - - } - - Logger.warn("Can not load generic request-data with key='null'"); - return null; - } - - public <T> T getGenericData(String key, final Class<T> clazz) { - if (MiscUtil.isNotEmpty(key)) { - Object data = genericDataStorage.get(key); - - if (data == null) - return null; - - try { - @SuppressWarnings("unchecked") - T test = (T) data; - return test; - - } catch (Exception e) { - Logger.warn("Generic request-data object can not be casted to requested type", e); - return null; - - } - - } - - Logger.warn("Can not load generic request-data with key='null'"); - return null; - - } - - public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { - if (MiscUtil.isEmpty(key)) { - Logger.warn("Generic request-data can not be stored with a 'null' key"); - throw new SessionDataStorageException("Generic request-data can not be stored with a 'null' key", null); - - } - - if (object != null) { - if (!Serializable.class.isInstance(object)) { - Logger.warn("Generic request-data can only store objects which implements the 'Seralizable' interface"); - throw new SessionDataStorageException("Generic request-data can only store objects which implements the 'Seralizable' interface", null); - - } - } - - if (genericDataStorage.containsKey(key)) - Logger.debug("Overwrite generic request-data with key:" + key); - else - Logger.trace("Add generic request-data with key:" + key + " to session."); - - genericDataStorage.put(key, object); - - } - -} |