diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 201 |
1 files changed, 201 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java new file mode 100644 index 000000000..5e49fe413 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -0,0 +1,201 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.*; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.velocity.app.VelocityEngine; +import org.apache.velocity.runtime.RuntimeConstants; +import org.joda.time.DateTime; +import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + + +/** + * Second request step - after authentication of the user is done and moasession obtained, + * process request and forward the user further to PEPS and/or other entities + * + * @author bsuzic + */ + +public class AuthenticationRequest implements IAction { + + + private VelocityEngine velocityEngine; + private AuthenticationSession moaSession = null; + private MOASTORKRequest moaStorkRequest = null; + + + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + + this.moaSession = moasession; + + if (req instanceof MOASTORKRequest) { + + this.moaStorkRequest = (MOASTORKRequest) req; + + Logger.debug("Entering MOASTORKRequest"); + httpResp.reset(); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + MOASTORKResponse moaStorkResponse = new MOASTORKResponse(); + + // check if it is attribute query + if (moaStorkRequest.isAttrRequest()) { + Logger.debug("Starting AttrQueryRequest"); + + moaStorkResponse.setSTORKAttrResponse(new STORKAttrQueryResponse()); + } + // check if we have authentication request + else if (moaStorkRequest.isAuthnRequest()) { + Logger.debug("Starting AuthenticationRequest"); + moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse()); + + + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + + Logger.debug("Starting generation of SAML response"); + try { + moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(),httpReq.getRemoteAddr(), false)); + } catch (STORKSAMLEngineException ex) { + // TODO + } + + // Get personal attributtes from MOA/IdentityLink + moaStorkResponse.setPersonalAttributeList(populateAttributes()); + + + } + + //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); + + // Prepare extended attributes + Logger.debug("Preparing data container"); + + // create fresh container + DataContainer container = new DataContainer(); + + // - fill in the request we extracted above + container.setRequest(moaStorkRequest); + + // - fill in the partial response created above + container.setResponse(moaStorkResponse); + + container.setRemoteAddress(httpReq.getRemoteAddr()); + + + STORKAuthnResponse arep = moaStorkResponse.getStorkAuthnResponse(); + + + arep.setCountry("XX"); + arep.setInResponseTo("xxxx"); + arep.setMessage("xxxx"); + arep.setSamlId("xxxx"); + arep.setStatusCode("xxxx"); + + // arep.setNotBefore(new DateTime().withTimeAtStartOfDay()); + // arep.setNotOnOrAfter(new DateTime().withTimeAtStartOfDay()); + + + Logger.debug("Data container prepared"); + + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + } else { + Logger.error("Could not recognize request."); + throw new MOAIDException("stork.15", null); + } + } + + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + return true; + } + + + private void iterate(NamedNodeMap attributesList) { + for (int j = 0; j < attributesList.getLength(); j++) { + Logger.debug("--Attribute: " + + attributesList.item(j).getNodeName() + " = " + + attributesList.item(j).getNodeValue()); + } + } + + + // does nothing + public void mandate(AuthenticationSession moasession) { + + if (moasession.getUseMandate()) { + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) { + Logger.debug("There is no mandate used in transaction"); + } + } + + + } + + public PersonalAttributeList populateAttributes() { + + IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList(); + Logger.info("Found " + attrLst.size() + " personal attributes in the request."); + + // Define attribute list to be populated + PersonalAttributeList attributeList = new PersonalAttributeList(); + MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkRequest); + + try { + for (PersonalAttribute personalAttribute : attrLst) { + Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); + moaAttributeProvider.populateAttribute(attributeList, personalAttribute); + } + } catch (Exception e) { + Logger.error("Exception, attributes: " + e.getMessage()); + } + + Logger.debug("AUTHBLOCK " + moaSession.getAuthBlock()); + Logger.debug("TARGET " + moaSession.getTarget() + " " + moaSession.getTargetFriendlyName()); + Logger.debug("SESSION IDENTIFIER " + moaSession.getCcc() + " " + moaSession.getDomainIdentifier()); + Logger.debug("AUTHBLOCKTOKKEN" + moaSession.getAuthBlockTokken()); + + return attributeList; + } + + public String getDefaultActionName() { + return STORKProtocol.AUTHENTICATIONREQUEST; + } + + + private void initVelocityEngine() throws Exception { + velocityEngine = new VelocityEngine(); + velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); + velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8"); + velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath"); + velocityEngine.setProperty("classpath.resource.loader.class", + "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader"); + + velocityEngine.init(); + } + +} |