diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java | 167 |
1 files changed, 167 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java new file mode 100644 index 000000000..fa455b4ef --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java @@ -0,0 +1,167 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.proxy.invoke; + +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.util.Vector; + +import javax.xml.namespace.QName; +import javax.xml.rpc.Call; +import javax.xml.rpc.Service; +import javax.xml.rpc.ServiceFactory; + +import org.apache.axis.message.SOAPBodyElement; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.ServiceException; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.data.SAMLStatus; +import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser; +import at.gv.egovernment.moa.id.proxy.servlet.ProxyException; +import at.gv.egovernment.moa.id.util.Random; + +/** + * Invoker of + * <ul> + * <li>either the GetAuthenticationData web service of MOA-ID Auth</li> + * <li>or the API call {@link at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData},</li> + * </ul> + * depending of the configuration. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class GetAuthenticationDataInvoker { + /** Create a new QName object for the webservice endpoint */ + private static final QName SERVICE_QNAME = new QName("GetAuthenticationData"); + + /** invoked object for API call of MOA-ID Auth */ + private static Object apiServer = null; + /** invoked method for API call of MOA-ID Auth */ + private static Method apiMethod = null; + + /** + * Invokes the service passing domain model objects. + * @param samlArtifact SAML artifact + * @return AuthenticationData object + * @throws ServiceException on any exception thrown + */ + /** + * Get authentication data from the MOA-ID Auth component, + * either via API call or via web service call. + * @param samlArtifact SAML artifact to be used as a parameter + * @return AuthenticationData + */ + public AuthenticationData getAuthenticationData(String samlArtifact) + throws ConfigurationException, ProxyException, BuildException, ServiceException, ParseException, AuthenticationException { + + ConnectionParameter authConnParam = + ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter(); + if (authConnParam == null) { + try { + if (apiServer == null) { + Class serverClass = Class.forName("at.gv.egovernment.moa.id.auth.AuthenticationServer"); + Method getInstanceMethod = serverClass.getMethod("getInstance", (Class[]) null); + apiServer = getInstanceMethod.invoke(null, (Object[]) null); + apiMethod = serverClass.getMethod( + "getAuthenticationData", new Class[] {String.class}); + } + AuthenticationData authData = (AuthenticationData)apiMethod.invoke(apiServer, new Object[] {samlArtifact}); + return authData; + } + catch (InvocationTargetException ex) { + Throwable targetEx = ex.getTargetException(); + if (targetEx instanceof AuthenticationException) + throw (AuthenticationException) targetEx; + else + throw new ProxyException("proxy.09", new Object[] {targetEx.toString()}); + } + catch (Throwable ex) { + throw new ProxyException("proxy.09", new Object[] {ex.toString()}); + } + } + else { + Element samlpRequest = new SAMLRequestBuilder().build(Random.nextRandom(), samlArtifact); + Element samlpResponse = getAuthenticationData(samlpRequest); + SAMLResponseParser srp = new SAMLResponseParser(samlpResponse); + SAMLStatus status = srp.parseStatusCode(); + if (! "samlp:Success".equals(status.getStatusCode())) { + // on error status throw exception + String code = status.getStatusCode(); + if (status.getSubStatusCode() != null && status.getSubStatusCode().length() > 0) + code += "(" + status.getSubStatusCode() + ")"; + throw new ServiceException("service.02", new Object[] {code, status.getStatusMessage()}); + } + return srp.parseAuthenticationData(); + } + } + + /** + * Invokes the service passing DOM elements. + * @param request request DOM element + * @return response DOM element + * @throws ServiceException on any exception thrown + */ + public Element getAuthenticationData(Element request) throws ServiceException { + try { + Service service = ServiceFactory.newInstance().createService(SERVICE_QNAME); + Call call = service.createCall(); + SOAPBodyElement body = + new SOAPBodyElement(request); + SOAPBodyElement[] params = new SOAPBodyElement[] {body}; + Vector responses; + SOAPBodyElement response; + + String endPoint; + ConnectionParameter authConnParam = + ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter(); + + //If the ConnectionParameter do NOT exist, we throw an exception .... + if (authConnParam!=null) { + endPoint = authConnParam.getUrl(); + call.setTargetEndpointAddress(endPoint); + responses = (Vector) call.invoke(SERVICE_QNAME, params); + response = (SOAPBodyElement) responses.get(0); + return response.getAsDOM(); + } + else + { + throw new ServiceException("service.01", null); + } + } + catch (Exception ex) { + throw new ServiceException("service.00", new Object[] {ex.toString()}, ex); + } + } + +} |