diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java | 234 |
1 files changed, 0 insertions, 234 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java deleted file mode 100644 index 06509b333..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java +++ /dev/null @@ -1,234 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.oauth20.protocol; - -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; - -import org.opensaml.saml2.core.Attribute; - -import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; -import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; -import at.gv.egovernment.moa.id.protocols.oauth20.attributes.OAuth20AttributeBuilder; -import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException; -import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; -import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ResponseTypeException; -import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.IAttributeBuilder; -import at.gv.egovernment.moa.logging.Logger; - -public class OAuth20AuthRequest extends OAuth20BaseRequest { - - private static final long serialVersionUID = 1L; - - private String responseType; - private String state; - private String redirectUri; - private String scope; - private String clientID; - private String nonce; - - /** - * @return the responseType - */ - public String getResponseType() { - return responseType; - } - - /** - * @param responseType - * the responseType to set - */ - public void setResponseType(String responseType) { - this.responseType = responseType; - } - - /** - * @return the state - */ - public String getState() { - return state; - } - - /** - * @param state - * the state to set - */ - public void setState(String state) { - this.state = state; - } - - /** - * @return the redirectUri - */ - public String getRedirectUri() { - return redirectUri; - } - - /** - * @param redirectUri - * the redirectUri to set - */ - public void setRedirectUri(String redirectUri) { - this.redirectUri = redirectUri; - } - - /** - * @return the scope - */ - public String getScope() { - return scope; - } - - /** - * @param scope - * the scope to set - */ - public void setScope(String scope) { - this.scope = scope; - } - - /** - * @return the clientID - */ - public String getClientID() { - return clientID; - } - - /** - * @param clientID - * the clientID to set - */ - public void setClientID(String clientID) { - this.clientID = clientID; - } - - - - /** - * @return the nonce - */ - public String getNonce() { - return nonce; - } - - /** - * @param nonce the nonce to set - */ - public void setNonce(String nonce) { - this.nonce = nonce; - } - - @Override - protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception { - this.setResponseType(this.getParam(request, OAuth20Constants.PARAM_RESPONSE_TYPE, true)); - this.setState(this.getParam(request, OAuth20Constants.PARAM_STATE, true)); - this.setRedirectUri(this.getParam(request, OAuth20Constants.PARAM_REDIRECT_URI, true)); - this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true)); - this.setScope(this.getParam(request, OAuth20Constants.PARAM_SCOPE, false)); - this.setNonce(this.getParam(request, OAuth20Constants.PARAM_NONCE, false)); - - // check for response type - if (!this.responseType.equals(OAuth20Constants.RESPONSE_CODE)) { - throw new OAuth20ResponseTypeException(); - } - - // check state for invalid characters (like < > & ; ... javascript ... to prevent xss) - if (!OAuth20Util.isValidStateValue(this.getState())) { - throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_STATE); - } - - // check if client id and redirect uri are ok - try { - // OAOAUTH20 cannot be null at this point. check was done in base request - OAAuthParameter oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()); - - - if (!this.getClientID().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID)) - || !this.getRedirectUri().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) { - throw new OAuth20AccessDeniedException(); - } - - this.setOnlineApplicationConfiguration(oAuthConfig); - Logger.info("Dispatch OpenIDConnect AuthRequest: ClientID=" + this.clientID); - - - } catch (ConfigurationException e) { - throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID); - } - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() - */ - @Override - public List<Attribute> getRequestedAttributes() { - Map<String, String> reqAttr = new HashMap<String, String>(); - for (String el : PVP2XProtocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION) - reqAttr.put(el, ""); - - try { - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); - - for (String s : scope.split(" ")) { - if (s.equalsIgnoreCase("profile")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersprofile()) - reqAttr.put(el.getName(), ""); - - } else if (s.equalsIgnoreCase("eID")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseid()) - reqAttr.put(el.getName(), ""); - - } else if (s.equalsIgnoreCase("eID_gov")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseidgov()) - reqAttr.put(el.getName(), ""); - - } else if (s.equalsIgnoreCase("mandate")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersmandate()) - reqAttr.put(el.getName(), ""); - - } else if (s.equalsIgnoreCase("stork")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersstork()) - reqAttr.put(el.getName(), ""); - - } - } - - return AttributQueryBuilder.buildSAML2AttributeList(oa, reqAttr.keySet().iterator()); - - } catch (ConfigurationException e) { - Logger.error("Load configuration for OA " + getOAURL() + " FAILED", e); - return null; - } - } -} |