Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols')
7 files changed, 72 insertions, 89 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java
new file mode 100644
index 000000000..31563b267
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java
@@ -0,0 +1,50 @@
+package at.gv.egovernment.moa.id.protocols.builder.attributes;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+
+public class EidSpMandateProfilesAttributeBuilder implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EidSpMandateProfilesAttributeBuilder.class);
+
+ @Override
+ public <T> T build(final ISPConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<T> g)
+ throws AttributeBuilderException {
+ if (oaParam instanceof IOAAuthParameters && ((IOAAuthParameters) oaParam).isShowMandateCheckBox()) {
+ return g.buildStringAttribute(getFriendlyName(), getName(),
+ StringUtils.join(
+ ((IOAAuthParameters) oaParam).getMandateProfiles(), ","));
+
+ } else {
+ log.info("{} is only available in AuthHandler context", getFriendlyName());
+
+ }
+ throw new UnavailableAttributeException(getName());
+
+ }
+
+ @Override
+ public <T> T buildEmpty(final IAttributeGenerator<T> g) {
+ return g.buildEmptyAttribute(getFriendlyName(), getName());
+
+ }
+
+ @Override
+ public String getName() {
+ return ExtendedPVPAttributeDefinitions.SP_USESMANDATES_NAME;
+ }
+
+ private String getFriendlyName() {
+ return ExtendedPVPAttributeDefinitions.SP_USESMANDATES_FRIENDLY_NAME;
+ }
+
+}
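Review bot: In `build`, the `else` branch logs "{} is only available in AuthHandler context" even when `oaParam` is an `IOAAuthParameters` whose `isShowMandateCheckBox()` returns false, so the log misreports why the attribute was withheld. Testing the two conditions separately and logging something like `log.debug("{} not built: mandates are not enabled for this SP", getFriendlyName());` for the second case would keep the trace accurate. `StringUtils.join` returns null for a null input and an empty string for an empty collection, so if `getMandateProfiles()` can return either (its contract is not visible here) the attribute is built with a null or empty value instead of raising `UnavailableAttributeException`. The class is named for mandate profiles but publishes its value under `SP_USESMANDATES_NAME`; it is worth confirming that consumers of that attribute expect a comma-separated profile list.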
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java
deleted file mode 100644
index 5daa71b1f..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-package at.gv.egovernment.moa.id.protocols.builder.attributes;
-
-import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
-
-/**
- * @author tlenz
- *
- */
-public class SimpleStringAttributeGenerator implements IAttributeGenerator<String> {
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildStringAttribute(java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public String buildStringAttribute(String friendlyName, String name, String value) {
- return value;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildIntegerAttribute(java.lang.String, java.lang.String, int)
- */
- @Override
- public String buildIntegerAttribute(String friendlyName, String name, int value) {
- return String.valueOf(value);
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildLongAttribute(java.lang.String, java.lang.String, long)
- */
- @Override
- public String buildLongAttribute(String friendlyName, String name, long value) {
- return String.valueOf(value);
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildEmptyAttribute(java.lang.String, java.lang.String)
- */
- @Override
- public String buildEmptyAttribute(String friendlyName, String name) {
- return null;
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
index 8229fb405..19b79d165 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
@@ -223,11 +223,11 @@ public class SingleLogOutBuilder { DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, null); - config.putCustomParameterWithOutEscaption("redirectURLs", sloReqList); - config.putCustomParameterWithOutEscaption("timeoutURL", timeOutURL); - config.putCustomParameter("timeout", String.valueOf(SLOTIMEOUT)); + config.putCustomParameterWithOutEscaption(null, "redirectURLs", sloReqList); + config.putCustomParameterWithOutEscaption(null, "timeoutURL", timeOutURL); + config.putCustomParameter(null, "timeout", String.valueOf(SLOTIMEOUT)); - guiBuilder.build(httpResp, config, "Single-LogOut GUI"); + guiBuilder.build(httpReq, httpResp, config, "Single-LogOut GUI"); } else { @@ -249,16 +249,16 @@ public class SingleLogOutBuilder { if (sloContainer.getSloFailedOAs() == null || sloContainer.getSloFailedOAs().size() == 0) { revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID); - config.putCustomParameter("successMsg", + config.putCustomParameter(null, "successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.00", null)); } else { revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); - config.putCustomParameterWithOutEscaption("errorMsg", + config.putCustomParameterWithOutEscaption(null, "errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); } - guiBuilder.build(httpResp, config, "Single-LogOut GUI"); + guiBuilder.build(httpReq, httpResp, config, "Single-LogOut GUI"); } 
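Review bot: `redirectURLs` and `timeoutURL` are still handed to `putCustomParameterWithOutEscaption`, so the contents of `sloReqList` and `timeOutURL` reach the Single-LogOut page without output encoding. Both values are assembled outside this hunk; if any part of them comes from SP metadata or from the request, they should be checked to be absolute http(s) URLs before this call. The same unescaped call is used for `errorMsg` in the hunks at -249 and -285, while `successMsg` from the same message provider goes through the escaping variant. Unless the `slo.01` text deliberately contains markup, `config.putCustomParameter(null, "errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null));` would be the consistent choice.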
@@ -285,11 +285,11 @@ public class SingleLogOutBuilder { null); revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); - config.putCustomParameterWithOutEscaption("errorMsg", + config.putCustomParameterWithOutEscaption(null, "errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); try { - guiBuilder.build(httpResp, config, "Single-LogOut GUI"); + guiBuilder.build(httpReq, httpResp, config, "Single-LogOut GUI"); } catch (GUIBuildException e1) { Logger.warn("Can not build GUI:'Single-LogOut'. Msg:" + e.getMessage()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index 4fc37d88f..0be49a23e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -64,7 +64,7 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider { @Override protected String getMetadataURL(String entityId) throws EAAFConfigurationException { - ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(entityId); + ISPConfiguration oaParam = moaAuthConfig.getServiceProviderConfiguration(entityId); if (oaParam != null) return oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); 
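Review bot: In the -285 hunk of SingleLogOutBuilder, the `catch (GUIBuildException e1)` block logs `e.getMessage()`, presumably the outer exception, rather than `e1`, so the reason the Single-LogOut page failed to render never reaches the log. This is an unchanged context line, but it sits directly under the modified `guiBuilder.build(httpReq, httpResp, ...)` call. `Logger.warn("Can not build GUI:'Single-LogOut'. Msg:" + e1.getMessage());` would report the right failure. The enclosing handler that declares `e` starts outside the hunk.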
@@ -78,7 +78,7 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider { @Override protected MetadataProvider createNewMetadataProvider(String entityId) throws EAAFConfigurationException, IOException, CertificateException { - ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(entityId); + ISPConfiguration oaParam = moaAuthConfig.getServiceProviderConfiguration(entityId); if (oaParam != null) { String metadataURL = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); String certBase64 = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); @@ -117,7 +117,7 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider { while (oaInterator.hasNext()) { Entry<String, String> oaKeyPair = oaInterator.next(); - ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(oaKeyPair.getValue()); + ISPConfiguration oaParam = moaAuthConfig.getServiceProviderConfiguration(oaKeyPair.getValue()); if (oaParam != null) { String metadataurl = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); if (MiscUtil.isNotEmpty(metadataurl)) 
@@ -146,14 +146,14 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider { //FIX: change hostname validation default flag to true when httpClient is updated to > 4.4 MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( PVPConstants.SSLSOCKETFACTORYNAME, - moaAuthConfig.getBasicMOAIDConfigurationBoolean( + moaAuthConfig.getBasicConfigurationBoolean( AuthConfiguration.PROP_KEY_SSL_USE_JVM_TRUSTSTORE, false), moaAuthConfig.getTrustedCACertificates(), null, AuthConfiguration.DEFAULT_X509_CHAININGMODE, moaAuthConfig.isTrustmanagerrevoationchecking(), moaAuthConfig.getRevocationMethodOrder(), - moaAuthConfig.getBasicMOAIDConfigurationBoolean( + moaAuthConfig.getBasicConfigurationBoolean( AuthConfiguration.PROP_KEY_SSL_HOSTNAME_VALIDATION, false)); httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); @@ -173,7 +173,7 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider { filterChain.getFilters().add(new SchemaValidationFilter(moaAuthConfig.isPVPSchemaValidationActive())); filterChain.getFilters().add(new MetadataSignatureFilter(metadataURL, certificate)); filterChain.getFilters().add( - new PVPEntityCategoryFilter(authConfig.getBasicMOAIDConfigurationBoolean( + new PVPEntityCategoryFilter(authConfig.getBasicConfigurationBoolean( AuthConfiguration.PROP_KEY_PROTOCOL_PVP_METADATA_ENTITYCATEGORY_RESOLVER, false))); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/IDPCredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/IDPCredentialProvider.java index 389d97b18..ad7328433 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/IDPCredentialProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/IDPCredentialProvider.java 
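Review bot: In the -146 hunk both TLS flags passed to `MOAHttpProtocolSocketFactory` keep a `false` default, including `PROP_KEY_SSL_HOSTNAME_VALIDATION`, so unless the deployment sets that property the metadata endpoint's certificate is presumably not matched against its host name. The `//FIX` comment above already plans to flip the default; until then integrity of the fetched document appears to rest on the `MetadataSignatureFilter` added in the next hunk. A comment here should say so, e.g. `// hostname check is off by default; metadata integrity relies on MetadataSignatureFilter`. The same default is passed in the `MOASAMLSOAPClient` hunk at -76, where no signature check on the response is visible, so that call site deserves a separate look.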
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.signer; import java.util.Properties; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.utils.FileUtils; @@ -32,7 +33,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.util.MiscUtil; -//@Service("PVPIDPCredentialProvider") +@Service("PVPIDPCredentialProvider") public class IDPCredentialProvider extends AbstractCredentialProvider { public static final String IDP_JAVAKEYSTORE = "idp.ks.file"; public static final String IDP_KS_PASS = "idp.ks.kspassword"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java index bd908f894..534f6797b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java 
@@ -76,14 +76,14 @@ public class MOASAMLSOAPClient { SecureProtocolSocketFactory sslprotocolsocketfactory = new MOAHttpProtocolSocketFactory( PVPConstants.SSLSOCKETFACTORYNAME, - AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfigurationBoolean( + AuthConfigurationProviderFactory.getInstance().getBasicConfigurationBoolean( AuthConfiguration.PROP_KEY_SSL_USE_JVM_TRUSTSTORE, false), AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), null, AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode(), AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(), AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder(), - AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfigurationBoolean( + AuthConfigurationProviderFactory.getInstance().getBasicConfigurationBoolean( AuthConfiguration.PROP_KEY_SSL_HOSTNAME_VALIDATION, false)); clientBuilder.setHttpsProtocolSocketFactory(sslprotocolsocketfactory ); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java index 19f865325..5ed237948 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java 
@@ -13,7 +13,7 @@ import org.springframework.stereotype.Service; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; -import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestValidator; +import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; import at.gv.egiz.eaaf.modules.pvp2.exception.NameIDFormatNotSupportedException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException; @@ -26,9 +26,9 @@ import at.gv.egovernment.moa.logging.Logger; * */ @Service("MOAAuthnRequestValidator") -public class AuthnRequestValidator implements IAuthnRequestValidator { +public class AuthnRequestValidator implements IAuthnRequestPostProcessor { - public void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authnReq, SPSSODescriptor spSSODescriptor) throws AuthnRequestValidatorException{ + public void process(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authnReq, SPSSODescriptor spSSODescriptor) throws AuthnRequestValidatorException{ //validate NameIDPolicy NameIDPolicy nameIDPolicy = authnReq.getNameIDPolicy(); |
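Review bot: In the -26 hunk `process` is declared without `@Override`, so a later signature change in `IAuthnRequestPostProcessor` is only caught if the interface method stays abstract; adding `@Override` above `public void process(...)` pins it to the interface. The class name, the bean name `MOAAuthnRequestValidator` and the thrown `AuthnRequestValidatorException` still describe a validator, while the interface now treats it as a post-processor. It is worth confirming that an exception thrown from `process` still rejects the AuthnRequest, because the NameIDPolicy check that follows depends on that. The method body continues outside the hunk.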