diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java | 175 |
1 files changed, 175 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java new file mode 100644 index 000000000..a310b16ff --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -0,0 +1,175 @@ +package at.gv.egovernment.moa.id.protocols.saml1; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.MOAIDException; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.WrongParametersException; +import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IModulInfo; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.ServletInfo; +import at.gv.egovernment.moa.id.moduls.ServletType; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.URLEncoder; + +public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { + + public static final String NAME = SAML1Protocol.class.getName(); + public static final String PATH = "id_saml1"; + + public static final String GETARTIFACT = "GetArtifact"; + + private static List<ServletInfo> servletList = new ArrayList<ServletInfo>(); + + private static HashMap<String, IAction> actions = new HashMap<String, IAction>(); + + static { + servletList.add(new ServletInfo(GetArtifactServlet.class, GETARTIFACT, + ServletType.AUTH)); + + actions.put(GETARTIFACT, new GetArtifactAction()); + + instance = new SAML1Protocol(); + } + + private static SAML1Protocol instance = null; + + public static SAML1Protocol getInstance() { + if (instance == null) { + instance = new SAML1Protocol(); + } + return instance; + } + + public List<ServletInfo> getServlets() { + return servletList; + } + + + public String getName() { + return NAME; + } + + public String getPath() { + return PATH; + } + + public IRequest preProcess(HttpServletRequest request, + HttpServletResponse response, String action) throws MOAIDException { + RequestImpl config = new RequestImpl(); + String oaURL = (String) request.getParameter(PARAM_OA); + oaURL = StringEscapeUtils.escapeHtml(oaURL); + + String target = (String) request.getParameter(PARAM_TARGET); + target = StringEscapeUtils.escapeHtml(target); + + //the target parameter is used to define the OA in SAML1 standard + if (target != null && target.startsWith("http")) { + oaURL = target; + target = null; + } + + if (!ParamValidatorUtils.isValidOA(oaURL)) + throw new WrongParametersException("StartAuthentication", PARAM_OA, + "auth.12"); + config.setOAURL(oaURL); + + //load Target only from OA config + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + .getOnlineApplicationParameter(oaURL); + + if (oaParam == null) + throw new AuthenticationException("auth.00", + new Object[] { oaURL }); + + config.setTarget(oaParam.getTarget()); + + + //TODO: set reauthenticate if OA.useSSO=false + + request.getSession().setAttribute(PARAM_OA, oaURL); + request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget()); + return config; + } + + public boolean generateErrorMessage(Throwable e, + HttpServletRequest request, HttpServletResponse response, + IRequest protocolRequest) + throws Throwable{ + + SAML1AuthenticationServer saml1authentication = SAML1AuthenticationServer.getInstace(); + + String samlArtifactBase64 = saml1authentication.BuildErrorAssertion(e, protocolRequest); + + String url = "RedirectServlet"; + url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8")); + url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); + url = response.encodeRedirectURL(url); + + response.setContentType("text/html"); + response.setStatus(302); + response.addHeader("Location", url); + Logger.debug("REDIRECT TO: " + url); + + return true; + } + + public IAction getAction(String action) { + return actions.get(action); + } + + public IAction canHandleRequest(HttpServletRequest request, + HttpServletResponse response) { + return null; + } + + public boolean validate(HttpServletRequest request, + HttpServletResponse response, IRequest pending) { + + //TODO: funktioniert so nicht!!! + +// String oaURL = (String) request.getParameter(PARAM_OA); +// oaURL = StringEscapeUtils.escapeHtml(oaURL); +// String target = (String) request.getParameter(PARAM_TARGET); +// target = StringEscapeUtils.escapeHtml(target); +// +// //the target parameter is used to define the OA in SAML1 standard +// if (target.startsWith("http")) { +// oaURL = target; +// target = null; +// } +// +// if (oaURL != null) { +// if (oaURL.equals(pending.getOAURL())) +// return true; +// else +// return false; +// } + + return true; + } + + protected static String addURLParameter(String url, String paramname, + String paramvalue) { + String param = paramname + "=" + paramvalue; + if (url.indexOf("?") < 0) + return url + "?" + param; + else + return url + "&" + param; + } + +} |