aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java111
1 files changed, 30 insertions, 81 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index 38be055be..c7d779fa2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -1,16 +1,5 @@
package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -31,49 +20,31 @@ import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.BasicCredential;
-import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.signature.Signature;
-import org.opensaml.xml.signature.SignatureConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
-import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
public class PostBinding implements IDecoder, IEncoder {
public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
- RequestAbstractType request, String targetLocation) throws MessageEncodingException,
- SecurityException{
+ RequestAbstractType request, String targetLocation)
+ throws MessageEncodingException, SecurityException {
// TODO Auto-generated method stub
-
+
}
public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
- StatusResponseType response, String targetLocation) throws MessageEncodingException,
- SecurityException{
- KeyStore keyStore;
+ StatusResponseType response, String targetLocation)
+ throws MessageEncodingException, SecurityException {
try {
- keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
-
- FileInputStream inputStream = new FileInputStream(
- "/home/afitzek/server/moaid_conf/moaid/pvp.ks");
- keyStore.load(inputStream, "123456".toCharArray());
- inputStream.close();
-
- BasicCredential credentials = new BasicCredential();
- PrivateKey key = (PrivateKey) keyStore.getKey("pvpIDP",
- "123456".toCharArray());
- Certificate cert = keyStore.getCertificate("pvpIDP");
- credentials.setPublicKey(cert.getPublicKey());
- credentials.setPrivateKey(key);
- credentials.setUsageType(UsageType.SIGNING);
-
- Signature signer = SAML2Utils.createSAMLObject(Signature.class);
- signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
- signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- signer.setSigningCredential(credentials);
+ Credential credentials = CredentialProvider
+ .getIDPSigningCredential();
+ Signature signer = CredentialProvider.getIDPSignature(credentials);
response.setSignature(signer);
VelocityEngine engine = new VelocityEngine();
@@ -81,11 +52,11 @@ public class PostBinding implements IDecoder, IEncoder {
engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
- engine.setProperty("classpath.resource.loader.class",
+ engine.setProperty("classpath.resource.loader.class",
"org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
engine.init();
-
- HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
+
+ HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
"resources/templates/pvp_postbinding_template.html");
HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
resp, true);
@@ -101,68 +72,46 @@ public class PostBinding implements IDecoder, IEncoder {
context.setOutboundMessageTransport(responseAdapter);
encoder.encode(context);
- } catch (KeyStoreException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (FileNotFoundException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (NoSuchAlgorithmException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (CertificateException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (IOException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (UnrecoverableKeyException e) {
- // TODO Auto-generated catch block
+ } catch (CredentialsNotAvailableException e) {
e.printStackTrace();
+ throw new SecurityException(e);
}
}
public MOARequest decodeRequest(HttpServletRequest req,
HttpServletResponse resp) throws MessageDecodingException,
- SecurityException{
-
-
-
+ SecurityException {
+
HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
- BasicSAMLMessageContext<RequestAbstractType, ?, ?> messageContext =
- new BasicSAMLMessageContext<RequestAbstractType, SAMLObject, SAMLObject>();
+ BasicSAMLMessageContext<RequestAbstractType, ?, ?> messageContext = new BasicSAMLMessageContext<RequestAbstractType, SAMLObject, SAMLObject>();
messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(
- req));
+ .setInboundMessageTransport(new HttpServletRequestAdapter(req));
decode.decode(messageContext);
RequestAbstractType inboundMessage = (RequestAbstractType) messageContext
.getInboundMessage();
-
+
MOARequest request = new MOARequest(inboundMessage);
-
+
return request;
-
+
}
public MOAResponse decodeRespone(HttpServletRequest req,
HttpServletResponse resp) throws MessageDecodingException,
- SecurityException{
-
+ SecurityException {
+
HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
- BasicSAMLMessageContext<Response, ?, ?> messageContext =
- new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
+ BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(
- req));
+ .setInboundMessageTransport(new HttpServletRequestAdapter(req));
decode.decode(messageContext);
- Response inboundMessage = (Response) messageContext
- .getInboundMessage();
-
+ Response inboundMessage = (Response) messageContext.getInboundMessage();
+
MOAResponse moaResponse = new MOAResponse(inboundMessage);
return moaResponse;
-
+
}
public boolean handleDecode(String action) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-29 02:06:41 +0000