diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java | 127 |
1 files changed, 127 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java new file mode 100644 index 000000000..15096083e --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -0,0 +1,127 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IModulInfo; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.mw.messages.saml.STORKAuthnRequest; +import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl; +import org.opensaml.common.binding.BasicSAMLMessageContext; +import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; +import org.opensaml.ws.transport.http.HTTPInTransport; +import org.opensaml.ws.transport.http.HTTPOutTransport; +import org.opensaml.ws.transport.http.HttpServletRequestAdapter; +import org.opensaml.ws.transport.http.HttpServletResponseAdapter; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Collections; +import java.util.HashMap; + +/** + * Stork 2 Protocol Support + * Date: 11/29/13, Time: 12:32 PM + * @author bsuzic + */ +public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { + + public static final String NAME = STORKProtocol.class.getName(); + public static final String PATH = "id_stork2"; + + public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; + + private static HashMap<String, IAction> actions = new HashMap<String, IAction>(); + + static { + + actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); + + instance = new STORKProtocol(); + } + + private static STORKProtocol instance = null; + + + public String getName() { + return NAME; + } + + public String getPath() { + return PATH; + } + + public IAction getAction(String action) { + return actions.get(action); + } + + /* + First request step - send it to BKU selection for user authentication. After the user credentials + and other info are obtained, in the second step the request will be processed and the user redirected + */ + public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { + Logger.debug("Starting preprocessing"); + Logger.debug("Got request: " + request.toString()); + Logger.debug("Request method: " + request.getMethod()); + for (Object o : Collections.list(request.getHeaderNames())) { + Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString())); + } + for (Object o : Collections.list(request.getParameterNames())) { + Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString())); + } + + Logger.debug("Request content length: " + request.getContentLength()); + Logger.debug("Request query: " + request.getQueryString()); + Logger.debug("Response: " + response.toString()); + Logger.debug("Action: " + action); + + Logger.debug("Processing saml request"); + String SAMLRequest = request.getParameter("SAMLRequest"); + + HTTPInTransport profileReq = new HttpServletRequestAdapter(request); + HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); + + + BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); + samlMessageContext.setInboundMessageTransport(profileReq); + + HTTPPostDecoder postDecoder = new HTTPPostDecoder(); + postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator + + try { + Logger.debug("Attempting to decode request..."); + postDecoder.decode(samlMessageContext); + } catch (Exception e) { + Logger.error("Error decoding STORKAuthnRequest", e); + } + + STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); + //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage(); + STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL(); + STORK2Request.setSTORKAuthnRequest(ST2Req); + + Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode()); + Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel()); + Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); + + + return STORK2Request; + } + + public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { + return null; + } + + public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable { + return false; + } + + public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { + return false; + } +} + + |