diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2')
11 files changed, 212 insertions, 99 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index e3b9992aa..1e6cf6910 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -45,7 +45,7 @@ import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.*; import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.complex.attributes.AttributeStatusType; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; @@ -121,7 +121,7 @@ public class AttributeCollector implements IAction { if (authnResponse.getPersonalAttributeList().size() > 0) { Logger.info("Response from external attribute provider contains " + authnResponse.getPersonalAttributeList().size() + " attributes."); - addOrUpdateAll(container.getResponse().getPersonalAttributeList(), authnResponse.getPersonalAttributeList()); + container.getResponse().setPersonalAttributeList(addOrUpdateAll(container.getResponse().getPersonalAttributeList(), authnResponse.getPersonalAttributeList())); } } @@ -157,7 +157,7 @@ public class AttributeCollector implements IAction { // - insert the embedded attribute(s) into the container if (null != newAttributes) - addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); + container.getResponse().setPersonalAttributeList(addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes)); // see if we need some more attributes SLOInformationImpl sloInfo = (SLOInformationImpl) processRequest(container, httpReq, httpResp, authData, oaParam); @@ -203,7 +203,8 @@ public class AttributeCollector implements IAction { IPersonalAttributeList aquiredAttributes = new PersonalAttributeList(); currentAttribute.setStatus(AttributeStatusType.NOT_AVAILABLE.value()); aquiredAttributes.add((PersonalAttribute) currentAttribute.clone()); - addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); + container.getResponse().setPersonalAttributeList( + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes)); // - check if we can find a suitable AttributeProvider Plugin Iterator<AttributeProvider> attibuteProvidersInterator = AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()); @@ -247,7 +248,7 @@ public class AttributeCollector implements IAction { Logger.error("We have no suitable plugin for obtaining the attribute '" + currentAttribute.getName() + "'"); } else // else, update any existing attributes - addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); + container.getResponse().setPersonalAttributeList(addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes)); } Logger.info("collecting attributes done"); @@ -296,15 +297,21 @@ public class AttributeCollector implements IAction { * * @param target the target * @param source the source + * @return * @throws MOAIDException */ - private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException { + private PersonalAttributeList addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException { + + PersonalAttributeList updatedList = new PersonalAttributeList(); + for (PersonalAttribute el : target) + updatedList.add(el); + Logger.debug("Updating " + source.size() + " attributes..."); for (PersonalAttribute current : source) { Logger.debug("treating " + current.getName()); // check if we need to update the current pa - if (target.containsKey(current.getName())) { + if (updatedList.containsKey(current.getName())) { PersonalAttribute existing = target.get(current.getName()); if(!(existing.isEmptyValue() && existing.isEmptyComplexValue())) if(!(existing.getValue().equals(current.getValue()) || existing.getComplexValue().equals(current.getComplexValue()))) { @@ -312,14 +319,16 @@ public class AttributeCollector implements IAction { throw new MOAIDException("stork.16", new Object[] {existing.getName()}); } - target.get(current.getName()).setStatus(current.getStatus()); - target.get(current.getName()).setValue(current.getValue()); - target.get(current.getName()).setComplexValue(current.getComplexValue()); + updatedList.get(current.getName()).setStatus(current.getStatus()); + updatedList.get(current.getName()).setValue(current.getValue()); + updatedList.get(current.getName()).setComplexValue(current.getComplexValue()); } else - target.add(current); + updatedList.add(current); - Logger.debug("...successfully treated " + current.getName()); + Logger.debug("...successfully treated " + current.getName()); } + + return updatedList; } /* (non-Javadoc) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index de7d5d6dd..2c5728798 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java @@ -41,7 +41,7 @@ import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.complex.attributes.AttributeStatusType; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java index 3e16db7d2..acbf1678a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java @@ -90,6 +90,7 @@ public class CorporateBodyMandateContainer extends MandateContainer { } public void setCorpMandatorIdentificationValue(String corpMandatorIdentificationValue) { + Logger.debug("Setting corpMandatorIdentificationValue to AT/" + corpMandatorIdentificationValue); this.corpMandatorIdentificationValue = "AT/" + corpMandatorIdentificationValue; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 993514ec7..3ab4ec4a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -31,8 +31,7 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKStatusCode; - +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.text.DateFormat; @@ -59,19 +58,23 @@ public class MOAAttributeProvider { static { Map<String, String> tempSimpleMap = new HashMap<String, String>(); tempSimpleMap.put("givenName", "getGivenName"); - tempSimpleMap.put("surname", "getFamilyName"); + tempSimpleMap.put("surname", "getFamilyName"); + tempSimpleMap.put("MSOrganization", "getPvpAttribute_OU"); storkAttributeSimpleMapping = Collections.unmodifiableMap(tempSimpleMap); + Map<String, String> tempFunctionMap = new HashMap<String, String>(); tempFunctionMap.put("eIdentifier", "geteIdentifier"); tempFunctionMap.put("ECApplicationRole","getECApplicationRole"); tempFunctionMap.put("dateOfBirth", "getFormatedDateOfBirth"); + tempFunctionMap.put("MSOrganization", "getMSOrganization"); storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); + } public MOAAttributeProvider(IAuthData authData, MOASTORKRequest moastorkRequest) { this.authData = authData; this.moastorkRequest = moastorkRequest; - Logger.debug("identity " + authData.getIdentificationType() + " " + authData.getIdentificationValue()); + } public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) { @@ -129,12 +132,11 @@ public class MOAAttributeProvider { } return storkRoles; } - + private String getFormatedDateOfBirth() { if (authData.getDateOfBirth() != null) { DateFormat fmt = new SimpleDateFormat("yyyyMMdd"); return fmt.format(authData.getDateOfBirth()); - } else return null; @@ -143,14 +145,14 @@ public class MOAAttributeProvider { private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) { try { - Object attributeValue = method.invoke(object, new Class[]{}); + Object attributeValue = method.invoke(object, new Class[]{}); // (Object[]) PersonalAttribute newAttribute = new PersonalAttribute(); newAttribute.setName(storkAttribute); newAttribute.setIsRequired(isRequired); if (attributeValue != null) { - newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.name()); + newAttribute.setStatus(AttributeStatusType.AVAILABLE.value()); Logger.info("Got attribute value: " + attributeValue); if (attributeValue instanceof String) @@ -163,7 +165,7 @@ public class MOAAttributeProvider { } else { Logger.info("Attribute " + storkAttribute + " is not available."); - newAttribute.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.name()); + newAttribute.setStatus(AttributeStatusType.NOT_AVAILABLE.value()); } @@ -175,7 +177,7 @@ public class MOAAttributeProvider { } else { Logger.info("Attribute " + storkAttribute + " is not available."); - newAttribute.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.name()); + newAttribute.setStatus(AttributeStatusType.NOT_AVAILABLE.value()); } } catch (InvocationTargetException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java index e6c58b503..9207cc2dc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java @@ -54,6 +54,8 @@ public abstract class MandateContainer { public MandateContainer(String mandate) throws XPathExpressionException, MOAIDException { + Logger.debug("Received mandate content for processing: " + mandate); + xPath = XPathFactory.newInstance().newXPath(); HashMap<String, String> prefMap = new HashMap<String, String>() {{ put(S2Constants.MANDATE_PREFIX, S2Constants.MANDATE_NS); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index baa91a854..ed8480ccb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java @@ -33,13 +33,16 @@ import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.complex.attributes.*; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.*; +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.codec.binary.StringUtils; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -65,12 +68,21 @@ public class MandateRetrievalRequest implements IAction { private IAuthData authData; private MOASTORKRequest moaStorkRequest; private IdentityLink representingIdentityLink; + private Integer QAALevel; + private byte[] originalContent; public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { Logger.debug("Entering AttributeRequest for MandateProvider"); httpResp.reset(); this.representingIdentityLink = authData.getIdentityLink(); + this.QAALevel = translateQAALevel(authData.getQAALevel()); + // preparing original content and removing sensitive data from it + this.originalContent = authData.getMISMandate().getMandate(); // TODO ERROR + //Logger.debug("Original content " + StringUtils.newStringUtf8(authData.getMISMandate().getMandate())); + String originalMandate = StringUtils.newStringUtf8(authData.getMISMandate().getMandate()).replaceAll("<pd:Value>.*?==</pd:Value><pd:Type>urn:publicid:gv.at:baseid</pd:Type>","<pd:Value></pd:Value><pd:Type></pd:Type>");; + Logger.debug("Removing personal identification value and type from original mandate "); + originalContent = StringUtils.getBytesUtf8(originalMandate); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(req.getOAURL()); if (oaParam == null) @@ -206,6 +218,18 @@ public class MandateRetrievalRequest implements IAction { return null; } + private Integer translateQAALevel(String qaaLevel) throws MOAIDException { + if (qaaLevel.equals(PVPConstants.STORK_QAA_1_1)) + return 1; + if (qaaLevel.equals(PVPConstants.STORK_QAA_1_2)) + return 2; + if (qaaLevel.equals(PVPConstants.STORK_QAA_1_3)) + return 3; + if (qaaLevel.equals(PVPConstants.STORK_QAA_1_4)) + return 4; + Logger.error("Wrong QAA Number format"); + throw new MOAIDException("stork.16", new Object[]{}); + } private String geteLPIdentifier(MandateContainer mandateContainer, PersonalAttribute currentAttribute) throws MOAIDException { RepresentationPersonType represented = getRepresented(mandateContainer, currentAttribute); @@ -213,7 +237,7 @@ public class MandateRetrievalRequest implements IAction { return represented.getELPIdentifier(); } else if (currentAttribute.isRequired()) { Logger.error("Cannot provide eLPIdentifier for natural person."); - throw new MOAIDException("stork.19", new Object[]{currentAttribute.getName()}); + throw new MOAIDException("stork.19", new Object[]{currentAttribute.getName()}); // TODO } return ""; } @@ -249,14 +273,35 @@ public class MandateRetrievalRequest implements IAction { private String mapPowersType(MandateContainer mandateContainer) { + // using if for java 6 compatibility if necessary if (mandateContainer.getAnnotation().equals("ELGABilateral")) { return "6"; // Health Powers } else if (mandateContainer.getAnnotation().equals("ERsB")) { return "0"; // General Powers } else if (mandateContainer.getAnnotation().equals("GeneralvollmachtBilateral")) { return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("ERsBMitPostvollmacht")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("ZVR")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("ZVRMitPostvollmacht")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("EVB")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("Einzelvertretungsbefugnis")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("Prokura")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("Notar")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("Organwalter")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("Rechtsanwalt")) { + return "0"; // General Powers + } else if (mandateContainer.getAnnotation().equals("Ziviltechniker")) { + return "0"; // General Powers } - return ""; + return "9"; } private MandateType getMandateType(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { @@ -264,10 +309,9 @@ public class MandateRetrievalRequest implements IAction { RepresentationPersonType representative = getRepresentative(mandateContainer, sourceAttribute); RepresentationPersonType represented = getRepresented(mandateContainer, sourceAttribute); MandateContentType mandateContent = getMandateContent(mandateContainer, sourceAttribute); - - mandateType.setRepresenting(representative); + mandateType.setRepresentative(representative); mandateType.setRepresented(represented); - mandateType.setMandateContent(mandateContent); + mandateType.getMandateContent().add(mandateContent); Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); return mandateType; } @@ -275,7 +319,8 @@ public class MandateRetrievalRequest implements IAction { private String getLegalName(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { RepresentationPersonType represented = getRepresented(mandateContainer, sourceAttribute); if (mandateContainer instanceof CorporateBodyMandateContainer) { - return represented.getName(); + represented.getLegalName(); + //return represented.getName(); } else if (sourceAttribute.isRequired()) { Logger.error("Cannot provide legalName for natural person."); throw new MOAIDException("stork.19", new Object[]{sourceAttribute.getName()}); @@ -487,10 +532,10 @@ public class MandateRetrievalRequest implements IAction { if (mandateContainer instanceof CorporateBodyMandateContainer) { CorporateBodyMandateContainer corporateBodyMandateContainer = (CorporateBodyMandateContainer) mandateContainer; represented.setELPIdentifier(corporateBodyMandateContainer.getCorpMandatorIdentificationValue()); - represented.setName(corporateBodyMandateContainer.getCorpMandatorFullName()); - represented.setAddress(""); - represented.setCanonicalAddress(new CanonicalAddressType()); - represented.setType(getCompanyType(corporateBodyMandateContainer.corpMandatorFullName, corporateBodyMandateContainer.corpMandatorIdentificationType, sourceAttribute)); + represented.setLegalName(corporateBodyMandateContainer.getCorpMandatorFullName()); + represented.setTextRegisteredAddress(null); + represented.setCanonicalRegisteredAddress(new CanonicalAddressType()); + represented.setLegalForm(getCompanyType(corporateBodyMandateContainer.corpMandatorFullName, corporateBodyMandateContainer.corpMandatorIdentificationType, sourceAttribute)); } else if (mandateContainer instanceof PhyPersonMandateContainer) { PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer) mandateContainer; represented.setEIdentifier(getRepresentedStorkeIdentifier(mandateContainer)); @@ -510,18 +555,22 @@ public class MandateRetrievalRequest implements IAction { try { XMLGregorianCalendar validFrom = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidFrom()); XMLGregorianCalendar validTo = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidTo()); - mandateContent.setValidFrom(validFrom); - mandateContent.setValidTo(validTo); + TimeRestrictionType timeRestriction = new TimeRestrictionType(); + timeRestriction.setValidFrom(validFrom); + timeRestriction.setValidTo(validTo); + mandateContent.setTimeRestriction(timeRestriction); } catch (DatatypeConfigurationException dte) { Logger.error("Error converting date from mandate: " + mandateContainer.getMandateValidFrom() + ", " + mandateContainer.getMandateValidTo()); throw new MOAIDException("stork.20", new Object[]{}); } - - mandateContent.setTransactionLimit(BigInteger.valueOf(0)); // TODO - mandateContent.setTransactionLimitCurrency("");// TODO - mandateContent.setIsJoint("0"); - mandateContent.setIschained(false); - mandateContent.setTypePower(mapPowersType(mandateContainer)); + mandateContent.setAQAA(this.QAALevel); + mandateContent.setOriginalMandate(originalContent); + mandateContent.setOriginalMandateType("application/xml"); + TransactionLimitRestrictionType transactionLimit = new TransactionLimitRestrictionType(); + mandateContent.setTransactionLimit(transactionLimit); + mandateContent.setIsJoint(""); + mandateContent.setIsChained(false); + mandateContent.setTypeOfPower(mapPowersType(mandateContainer)); // TODO check Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); return mandateContent; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKPVPUtilits.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKPVPUtilits.java index d923eccde..123d32af4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKPVPUtilits.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKPVPUtilits.java @@ -32,7 +32,7 @@ import java.util.List; public class STORKPVPUtilits { public static final List<String> attributesRequirePVPAuthentication = - Arrays.asList("ECApplicationRole"); + Arrays.asList("ECApplicationRole", "MSOrganization"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttributeProviderPlugin.java index 761460971..bd1576020 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttributeProviderPlugin.java @@ -52,8 +52,9 @@ import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.complex.attributes.IsHealthCareProfessionalType; -import eu.stork.peps.complex.attributes.ObjectFactory; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.IsHealthCareProfessionalType; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.ObjectFactory; /** * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service @@ -67,7 +68,7 @@ public class EHvdAttributeProviderPlugin extends AttributeProvider { * Instantiates a new e hvd attribute provider plugin. * * @param url the service url - * @param attributes + * @param supportedAttributes */ public EHvdAttributeProviderPlugin(String url, String supportedAttributes) { super(supportedAttributes); @@ -183,7 +184,7 @@ public class EHvdAttributeProviderPlugin extends AttributeProvider { if (collection.get("IsHealthcareProfessional").equals("false") || !collection.get("Type").equals("Medical doctor")) { // the citizen is no HCP - acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList<String>(), "NotAvailable"); + acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList<String>(), AttributeStatusType.NOT_AVAILABLE.value()); } else { // go on and parse the data IsHealthCareProfessionalType result = new IsHealthCareProfessionalType(); @@ -193,7 +194,7 @@ public class EHvdAttributeProviderPlugin extends AttributeProvider { result.setTypeOfHCP("physician"); result.setNameOfOrganisation(collection.get("NameOfOrganisation")); - result.setTypeOfOrganisation("Unknown"); + //result.setTypeOfOrganisation("Unknown"); // TODO used in previous version, check what to do with this result.setAQAA(4); @@ -206,7 +207,7 @@ public class EHvdAttributeProviderPlugin extends AttributeProvider { ArrayList<String> value = new ArrayList<String>(); value.add(stringWriter.toString()); - acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, "Available"); + acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, AttributeStatusType.AVAILABLE.value()); } // pack and return the result @@ -216,7 +217,7 @@ public class EHvdAttributeProviderPlugin extends AttributeProvider { // add stork id for verification ArrayList<String> value = new ArrayList<String>(); value.add(new BPKBuilder().buildStorkeIdentifier(authData.getIdentityLink(), moastorkRequest.getSpCountry())); - result.add(new PersonalAttribute("eIdentifier", false, value, "Available")); + result.add(new PersonalAttribute("eIdentifier", false, value, AttributeStatusType.AVAILABLE.value())); return result; } catch (Exception e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttribute_deprecatedProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttribute_deprecatedProviderPlugin.java index 2000ef928..a16603beb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttribute_deprecatedProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttribute_deprecatedProviderPlugin.java @@ -52,9 +52,11 @@ import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.complex.attributes.IsHealthCareProfessionalDeprecatedType; -import eu.stork.peps.complex.attributes.IsHealthCareProfessionalType; -import eu.stork.peps.complex.attributes.ObjectFactory; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.IsHealthCareProfessionalDeprecatedType; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.IsHealthCareProfessionalType; // IsHealthCareProfessionalDeprecatedType; +//import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion. _1_0.assertion.IsHealthCareProfessionalType; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.ObjectFactory; /** * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service @@ -68,7 +70,7 @@ public class EHvdAttribute_deprecatedProviderPlugin extends AttributeProvider { * Instantiates a new e hvd attribute provider plugin. * * @param url the service url - * @param attributes + * @param supportedAttributes */ public EHvdAttribute_deprecatedProviderPlugin(String url, String supportedAttributes) { super(supportedAttributes); @@ -184,7 +186,7 @@ public class EHvdAttribute_deprecatedProviderPlugin extends AttributeProvider { if (collection.get("IsHealthcareProfessional").equals("false")) { // the citizen is no HCP - acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList<String>(), "NotAvailable"); + acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList<String>(), AttributeStatusType.NOT_AVAILABLE.value()); } else { // go on and parse the data IsHealthCareProfessionalDeprecatedType result = new IsHealthCareProfessionalDeprecatedType(); @@ -202,16 +204,16 @@ public class EHvdAttribute_deprecatedProviderPlugin extends AttributeProvider { result.setAQAA(4); - final Marshaller m = JAXBContext.newInstance(IsHealthCareProfessionalType.class).createMarshaller(); + final Marshaller m = JAXBContext.newInstance(IsHealthCareProfessionalDeprecatedType.class).createMarshaller(); m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); StringWriter stringWriter = new StringWriter(); - m.marshal(new ObjectFactory().createIsHealthCareProfessional(result), stringWriter); + m.marshal(new ObjectFactory().createIsHealthCareProfessionalDeprecated(result), stringWriter); ArrayList<String> value = new ArrayList<String>(); value.add(stringWriter.toString()); - acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, "Available"); + acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, AttributeStatusType.AVAILABLE.value()); } // pack and return the result @@ -221,7 +223,7 @@ public class EHvdAttribute_deprecatedProviderPlugin extends AttributeProvider { // add stork id for verification ArrayList<String> value = new ArrayList<String>(); value.add(new BPKBuilder().buildStorkeIdentifier(authData.getIdentityLink(), moastorkRequest.getSpCountry())); - result.add(new PersonalAttribute("eIdentifier", false, value, "Available")); + result.add(new PersonalAttribute("eIdentifier", false, value, AttributeStatusType.AVAILABLE.value())); return result; } catch (Exception e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java index 96aa55bcf..7f06c604b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java @@ -80,7 +80,7 @@ public class PVPAuthenticationProvider extends AttributeProvider { this.moastorkRequest = moastorkRequest; // break if we cannot handle the requested attribute - if (!attributes.contains(attribute.getName())) { + if (!getSupportedAttributeNames().contains(attribute.getName())) { Logger.info("Attribute " + attribute.getName() + " not supported by the provider: " + getAttrProviderName()); throw new UnsupportedAttributeException(); @@ -193,33 +193,34 @@ public class PVPAuthenticationProvider extends AttributeProvider { public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { - Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request"); + throw new UnsupportedAttributeException(); - //extract STORK Response from HTTP Request - //Decodes SAML Response - byte[] decSamlToken; - try { - decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); - } catch(NullPointerException e) { - throw new UnsupportedAttributeException(); - } - - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - - STORKAuthnResponse authnResponse = null; - try { - //validate SAML Token - Logger.debug("Starting validation of SAML response"); - authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) httpReq.getRemoteHost()); - Logger.info("SAML response successfully verified!"); - - }catch(STORKSAMLEngineException e){ - Logger.error("Failed to verify STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - return authnResponse.getPersonalAttributeList(); +// Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request"); +// //extract STORK Response from HTTP Request +// //Decodes SAML Response +// byte[] decSamlToken; +// try { +// decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); +// } catch(NullPointerException e) { +// throw new UnsupportedAttributeException(); +// } +// +// //Get SAMLEngine instance +// STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); +// +// STORKAuthnResponse authnResponse = null; +// try { +// //validate SAML Token +// Logger.debug("Starting validation of SAML response"); +// authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) httpReq.getRemoteHost()); +// Logger.info("SAML response successfully verified!"); +// +// }catch(STORKSAMLEngineException e){ +// Logger.error("Failed to verify STORK SAML Response", e); +// throw new MOAIDException("stork.05", null); +// } +// +// return authnResponse.getPersonalAttributeList(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java index 124b91e8b..bb3d8b1fd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java @@ -46,6 +46,7 @@ import javax.xml.ws.Service; import javax.xml.ws.soap.SOAPBinding; import javax.xml.ws.BindingProvider; +import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.IOUtils; import org.apache.commons.lang.NotImplementedException; @@ -55,6 +56,7 @@ import org.apache.velocity.app.VelocityEngine; import org.bouncycastle.util.encoders.UrlBase64; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException; @@ -107,15 +109,25 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { super(attributes); this.oasisDssWebFormURL = oasisDssWebFormURL; - Properties props = new Properties(); try { - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - dtlUrl = props.getProperty("docservice.url"); - } catch (IOException e) { + AuthConfigurationProvider authConfigurationProvider = AuthConfigurationProvider.getInstance(); + dtlUrl = authConfigurationProvider.getDocumentServiceUrl(); + Logger.info ("SignedDocAttributeRequestProvider, using dtlUrl:"+dtlUrl); + } catch (Exception e) { dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService"; - Logger.error("Loading DTL config failed, using default value:"+dtlUrl); e.printStackTrace(); - } + Logger.error("Loading documentservice url failed, using default value:"+dtlUrl); + } + +// Properties props = new Properties(); +// try { +// props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); +// dtlUrl = props.getProperty("docservice.url"); +// } catch (IOException e) { +// dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService"; +// Logger.error("Loading DTL config failed, using default value:"+dtlUrl); +// e.printStackTrace(); +// } } /* @@ -207,7 +219,16 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { // set the url in the SignResponse DocumentWithSignature documentWithSignature = new DocumentWithSignature(); DocumentType value = new DocumentType(); - value.setDocumentURL(dtlUrl); + if(dtlUrl.endsWith("?wsdl")) + { + String tmp = dtlUrl.replace("?wsdl", ""); + Logger.debug("DocumentUrl ends with ? wsdl, using "+tmp+" instead."); + value.setDocumentURL(tmp); + } + else + { + value.setDocumentURL(dtlUrl); + } documentWithSignature.setDocument(value); if(signResponse.getOptionalOutputs()!=null) { @@ -296,7 +317,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { Logger.debug("Assembling signedDoc attribute"); PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, - "Available"); + AttributeStatusType.AVAILABLE.value()); // pack and return the result PersonalAttributeList result = new PersonalAttributeList(); @@ -355,7 +376,13 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { byte[] data = getDocumentFromDtl(docRequest, dtlURL);//dtlUrl //load doc from DTL - Logger.debug("data:"+data); + Logger.debug("data:"+data+" "+data.length); + try{ + Logger.trace("data:"+new String(data,"UTF-8")); + }catch(Exception e) + { + Logger.trace("data: creating String failed:"+e); + } String mime = getDocumentMimeFromDtl(docId, dtlURL);//dtlUrl Logger.debug("mime:"+mime); @@ -366,11 +393,28 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { IncludeObject.class); signRequest.getOptionalInputs().getAny().removeAll(includeObjects); + String documentId = null; + Object objDoc = signRequest.getInputDocuments().getDocumentOrTransformedDataOrDocumentHash().get(0); + if (objDoc != null && objDoc instanceof DocumentType) + { + DocumentType document = (DocumentType)objDoc; + documentId = document.getID(); + } DocumentType document = new DocumentType(); - Base64Data b64data = new Base64Data(); - b64data.setValue(data); - b64data.setMimeType(mime); - document.setBase64Data(b64data); + if(documentId != null) + document.setID(documentId); + if(signRequest.getProfile().toLowerCase().contains("xades")) + { + document.setBase64XML(data); + } + else + { + Base64Data b64data = new Base64Data(); + b64data.setValue(data); + b64data.setMimeType(mime); + document.setBase64Data(b64data); + } + signRequest.setInputDocuments(ApiUtils.createInputDocuments(document)); //override old signRequestString @@ -379,6 +423,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { IOUtils.copy(istr, writer, "UTF-8"); signRequestString = writer.toString(); Logger.info("Signrequest overwritten"); + Logger.debug("Signrequest overwritten:"+signRequestString); } catch (Exception e) { e.printStackTrace(); throw new Exception("Could not marshall sign request", e); @@ -469,6 +514,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { URL url = null; try { + Logger.debug("getDocumentFromDtl:"+dtlUrl); url = new URL(dtlUrl); QName qname = new QName("http://stork.eu", "DocumentService"); |