Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java | 189 |
1 files changed, 0 insertions, 189 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 8385c5dbe..6d88a1684 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -40,11 +40,8 @@ import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
-import eu.stork.mw.messages.saml.STORKResponse;
import eu.stork.peps.auth.commons.IPersonalAttributeList;
import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.util.SAMLUtil;
/**
*
@@ -61,192 +58,6 @@ public class STORKResponseProcessor {
 public static final String OASIS_DSS_SUCCESS_MSG = "urn:oasis:names:tc:dss:1.0:resultmajor:Success";
/**
- * Extracts a STORK response from a HTTP message
- * @param request HttpServletRequest
- * @param response HttpServletResponse
- * @return STORK Response
- * @throws STORKException
- */
- public static STORKResponse receiveSTORKRepsonse(HttpServletRequest request, HttpServletResponse response) throws STORKException {
-
- HTTPInTransport httpInTransport = new HttpServletRequestAdapter(request);
- HTTPOutTransport httpOutTransport = new HttpServletResponseAdapter(response, request.isSecure());
-
- httpInTransport.getPeerAddress();
-
- String samlResponseString = request.getParameter("SAMLResponse");
-
- if (StringUtils.isEmpty(samlResponseString)) {
- Logger.error("SAMLResponse not found in request.");
- throw new STORKException("SAMLResponse not found in request.");
- }
-
- BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
-
- samlMessageContext.setInboundMessageTransport(httpInTransport);
- samlMessageContext.setOutboundMessageTransport(httpOutTransport);
-
- HTTPPostDecoder postDecoder = new HTTPPostDecoder();
-
- try {
- postDecoder.decode(samlMessageContext);
- } catch (Exception e) {
- Logger.error("Error decoding SAMLResponse message", e);
- throw new STORKException("Error decoding SAMLResponse message", e);
- }
-
- if (!(samlMessageContext.getInboundSAMLMessage() instanceof STORKResponse)) {
- Logger.error("Message received is not a SAMLResponse message");
- throw new STORKException("Message received is not a SAMLResponse message");
- }
-
- STORKResponse samlResponse = (STORKResponse) samlMessageContext.getInboundSAMLMessage();
-
- return samlResponse;
- }
-
- /**
- * Verifies a STORK response according STORK specification
- * @param storkResponse STORK Response to verify
- * @throws STORKException if validation fails
- */
- public static void verifySTORKResponse(STORKResponse storkResponse) throws STORKException {
-
- ResponseVerifier responseVerifier = new PEPSConnectorResponseVerifier();
- try {
- responseVerifier.verify(storkResponse);
- } catch (SecurityException e) {
- Logger.error("Error validating response message from PEPS.", e);
- throw new STORKException("Error validating response message from PEPS.");
- }
-
- }
-
- /**
- * Verifies a STORK assertion
- * @param assertion STORK assertion
- * @param ipAddress Client IP address
- * @param authnRequestID ID of the AuthnRequest
- * @param recipient recipient for verification
- * @param audience audience for verification
- * @param reqAttributeList RequestedAttribute list for verification
- * @throws STORKException
- */
- public static void verifySTORKAssertion(
- Assertion assertion,
- String ipAddress,
- String authnRequestID,
- String recipient,
- String audience,
- List<RequestedAttribute> reqAttributeList) throws STORKException {
-
- //validate Assertion
- AssertionVerifier assertionVerifier = new PEPSConnectorAssertionVerifier();
- try {
- assertionVerifier.verify(assertion, ipAddress, authnRequestID, recipient, audience, reqAttributeList);
-
- //verify if all required attributes are present
- PEPSConnectorAssertionVerifier.validateRequiredAttributes(reqAttributeList, assertion.getAttributeStatements().get(0).getAttributes());
-
- } catch (SecurityException e) {
- Logger.error("Error verifying assertion from PEPS", e);
- throw new STORKException("Error validating assertion received from PEPS.");
- }
-
- }
-
- /**
- * Extracts the citizen signature from the signedDoc element present in the STORK assertion
- * @param storkAssertion STORK assertion
- * @return citizen signature as XML
- * @throws STORKException
- */
- public static Element extractCitizenSignature(Assertion storkAssertion) throws STORKException {
-
- Logger.debug("Processing DSS signature response from PEPS");
-
- Element signatureResponse = getSignedDocAttributeValue(storkAssertion);
-
- if (signatureResponse == null) {
- String msg = "Could not find DSS signature response in SAML assertion";
- Logger.error(msg);
- throw new STORKException(msg);
- }
-
- Logger.debug("Found DSS signature in SAML assertion");
-
- Logger.debug("DSS Signature creation response received from PEPS (pretty print):");
- Logger.debug(XMLHelper.prettyPrintXML(signatureResponse));
- Logger.trace("DSS Signature creation response received from PEPS (original):");
- Logger.trace(XMLUtil.printXML(signatureResponse));
-
- Element signature = getSignature(signatureResponse);
-
- if (signature == null) {
- String msg = "Could not find citizen signature in SAML assertion";
- Logger.error(msg);
- throw new STORKException(msg);
- }
-
- Logger.debug("Found foreign citizen signature in SAML assertion (pretty print):");
- Logger.debug(XMLHelper.prettyPrintXML(signature));
- Logger.trace("Found foreign citizen signature in SAML assertion (original):");
- Logger.trace(XMLUtil.printXML(signature));
-
- return signature;
- }
-
- /**
- * Extracts the signedDoc attribute from a STORK assertion as XML
- * @param storkAssertion STORK assertion
- * @return Value of signedDoc attribute
- * @throws STORKException
- */
- private static Element getSignedDocAttributeValue(Assertion storkAssertion) throws STORKException {
-
- XMLObject xmlObj = SAMLUtil.getAttributeValue(storkAssertion.getAttributeStatements().get(0).getAttributes(), STORKConstants.STORK_ATTRIBUTE_SIGNEDDOC);
-
-
- if (xmlObj instanceof XSAny)
- return getSignedDocAttributeValueFromAny((XSAny) xmlObj);
- else if (xmlObj instanceof XSString)
- return getSignedDocAttributValueFromString((XSString) xmlObj);
- else
- return null;
-
- }
-
- /**
- * Get signedDoc as XML if provided as anyType
- * @param any AttributeValue as anyType
- * @return signedDoc as XML
- */
- private static Element getSignedDocAttributeValueFromAny(XSAny any) {
- if (!any.getUnknownXMLObjects(new QName(OASIS_DSS_NS, "SignResponse")).isEmpty()) {
- XMLObject xmlObj = any.getUnknownXMLObjects(new QName(OASIS_DSS_NS, "SignResponse")).get(0);
- return xmlObj.getDOM();
- } else {
- return null;
- }
- }
-
- /**
- * Get signedDoc as XML if provided as String
- * @param string AttributeValue as String
- * @return signedDoc as XML
- * @throws STORKException
- */
- private static Element getSignedDocAttributValueFromString(XSString string) throws STORKException {
- try {
- return XMLUtil.stringToDOM(string.getValue());
- } catch (Exception e) {
- Logger.error("Error building DOM", e);
- throw new STORKException(e);
-
- }
- }
-
- /**
* Extracts the signature value out of a DSS response
* @param signatureResponse DSS signature response
* @return signature