aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java68
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java176
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java59
3 files changed, 0 insertions, 303 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 407e7da52..f5fdbd90a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -14,15 +14,11 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
-import org.opensaml.saml2.metadata.RequestedAttribute;
import org.w3c.dom.Element;
-import eu.stork.vidp.messages.util.SAMLUtil;
-
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
@@ -32,8 +28,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.KeyName;
-import at.gv.egovernment.moa.id.commons.db.dao.config.KeyStore;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
@@ -47,13 +41,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
-import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureCreationParameterType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
@@ -66,7 +56,6 @@ import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-import at.gv.egovernment.moa.id.util.XMLUtil;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.DOMUtils;
@@ -283,63 +272,6 @@ public class BuildFromLegacyConfig {
parseConnectionParameterClientAuth(foreignIDConnectionParameter);
auth_foreign.setConnectionParameter(auth_foreign_connection);
- //set STORK configuration
- STORKConfig storkConfig = new STORKConfig(builder.buildSTORKSignatureCreationParameter(),builder.buildSTORKSignatureVerificationParameter(), builder.buildSTORKcPEPSMap());
- STORK auth_foreign_stork = new STORK();
- auth_foreign.setSTORK(auth_foreign_stork);
-
- //set CPEPS
- Map<String, at.gv.egovernment.moa.id.config.legacy.CPEPS> map = storkConfig.getCpepsMap();
- Set<String> map_keys = map.keySet();
- List<CPEPS> auth_foreign_stork_cpeps = new ArrayList<CPEPS>();
- for (String key : map_keys) {
- CPEPS cpep = new CPEPS();
- cpep.setCountryCode(map.get(key).getCountryCode());
- cpep.setURL(map.get(key).getPepsURL().toExternalForm()); //check correctness!!!!
-
- List<String> cpep_reqs = new ArrayList<String>();
-
- List<RequestedAttribute> map1 = map.get(key).getCountrySpecificRequestedAttributes();
- for (RequestedAttribute e1 : map1) {
- Element element = SAMLUtil.marshallMessage(e1);
- cpep_reqs.add(XMLUtil.printXML(element));
- }
- cpep.setAttributeValue(cpep_reqs);
- auth_foreign_stork_cpeps.add(cpep);
- }
- auth_foreign_stork.setCPEPS(auth_foreign_stork_cpeps);
-
-
- //set SAMLSigningParameter
- if (storkConfig.getSignatureCreationParameter() != null &&
- storkConfig.getSignatureVerificationParameter() != null) {
- SAMLSigningParameter auth_foreign_stork_samlSign = new SAMLSigningParameter();
- auth_foreign_stork.setSAMLSigningParameter(auth_foreign_stork_samlSign);
-
- SignatureCreationParameterType stork_saml_creat = new SignatureCreationParameterType();
- auth_foreign_stork_samlSign.setSignatureCreationParameter(stork_saml_creat);
- KeyStore stork_saml_creat_keystore = new KeyStore();
- stork_saml_creat.setKeyStore(stork_saml_creat_keystore);
- stork_saml_creat_keystore.setPassword(storkConfig.getSignatureCreationParameter().getKeyStorePassword());
- stork_saml_creat_keystore.setValue(storkConfig.getSignatureCreationParameter().getKeyStorePath());
- KeyName stork_saml_creat_keyname = new KeyName();
- stork_saml_creat.setKeyName(stork_saml_creat_keyname);
- stork_saml_creat_keyname.setValue(storkConfig.getSignatureCreationParameter().getKeyName());
- stork_saml_creat_keyname.setPassword(storkConfig.getSignatureCreationParameter().getKeyPassword());
-
-
-
- SignatureVerificationParameterType stork_saml_verify = new SignatureVerificationParameterType();
- auth_foreign_stork_samlSign.setSignatureVerificationParameter(stork_saml_verify);
- stork_saml_verify.setTrustProfileID(storkConfig.getSignatureVerificationParameter().getTrustProfileID());
-
- }
-
- //TODO: check correctness
- //set QualityAuthenticationAssurance
- //set RequestedAttbutes
-
-
//set OnlineMandates config
ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter();
if (onlineMandatesConnectionParameter != null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
index 3abc94b02..525c5a24e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
@@ -30,8 +30,6 @@ import iaik.utils.RFC2253NameParserException;
import java.io.IOException;
import java.math.BigInteger;
-import java.net.MalformedURLException;
-import java.net.URL;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
@@ -41,8 +39,6 @@ import java.util.List;
import java.util.Map;
import java.util.Vector;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -56,9 +52,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.legacy.OAAuthParameter;
import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameter;
import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameters;
-import at.gv.egovernment.moa.id.config.legacy.CPEPS;
import at.gv.egovernment.moa.id.config.legacy.SignatureCreationParameter;
-import at.gv.egovernment.moa.id.config.legacy.SignatureVerificationParameter;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -66,15 +60,9 @@ import at.gv.egovernment.moa.util.BoolUtils;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.egovernment.moa.util.XPathException;
import at.gv.egovernment.moa.util.XPathUtils;
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-import eu.stork.vidp.messages.util.SAMLUtil;
/**
* A class that builds configuration data from a DOM based representation.
@@ -1219,170 +1207,6 @@ public List getTrustedTemplateURLs() {
}
/**
- * Creates a SignatureVerificationParameter object from the MOA-ID configuration
- * This configuration object contains the TrustProfile to be used for signature verification (STORK SAML Signature Verification)
- *
- * @return TrustProfileID for signature verification (STORK SAML Signature Verification)
- */
- public SignatureVerificationParameter buildSTORKSignatureVerificationParameter() {
-
- Logger.debug("Loading STORK signature verification parameters.");
-
- Element signatureVerificationParameterElement = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER);
- if (signatureVerificationParameterElement == null) {
- Logger.debug("No STORK verification parameters found, " +AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER + "is missing.");
- return null;
- }
-
- SignatureVerificationParameter signatureVerificationParameter = new SignatureVerificationParameter();
-
- String trustProfileID = XPathUtils.getElementValue(signatureVerificationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID, null);
- if (StringUtils.isEmpty(trustProfileID)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID + "is missing.");
- return null;
- }
- Logger.trace("Using the following MOA-SP TrustProfile for STORK SAML signature verification: " + trustProfileID);
- signatureVerificationParameter.setTrustProfileID(trustProfileID);
-
- Logger.info("STORK signature verification parameters loaded.");
-
- return signatureVerificationParameter;
- }
-
- /**
- * Builds a C-PEPS object from configuration
- * @param cpepsElement DOM Element of C-PEPS from configuration
- * @return C-PEPS object
- */
- public CPEPS buildSTORKCpeps(Element cpepsElement) {
-
- String countryCode = cpepsElement.getAttribute(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE);
- String cpepsURLString = cpepsElement.getAttribute(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL);
- if (StringUtils.isEmpty(countryCode)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE + "is missing.");
- return null;
- }
- if (StringUtils.isEmpty(cpepsURLString)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL + "is missing.");
- return null;
- }
-
- URL cpepsURL;
- try {
- cpepsURL = new URL(cpepsURLString);
- } catch (MalformedURLException e) {
- Logger.error("Provided CPEPS-URL (" + cpepsURLString + ") for country " + countryCode + " is not a URL", e);
- return null;
- }
- CPEPS cpeps = new CPEPS(countryCode, cpepsURL);
- Logger.debug("Adding C-PEPS for country: " + cpeps.getCountryCode() + ", URL: " + cpeps.getPepsURL());
-
- Element reqAttributeElement;
- NodeIterator reqAttributeIterator = XPathUtils.selectNodeIterator(cpepsElement, AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_REQUESTED_ATTRIBUTES);
-
- while ((reqAttributeElement = (Element) reqAttributeIterator.nextNode()) != null) {
- RequestedAttribute requestedAttribute;
- try {
- requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(reqAttributeElement);
- } catch (MessageEncodingException e) {
- Logger.error("Provided RequestedAttributes for CPEPS from country " + countryCode + " is malformed.", e);
- return null;
- }
- //only add if STORK attribute is correct
- if (STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(requestedAttribute.getName())) {
- cpeps.addCountrySpecificRequestedAttribute(requestedAttribute);
- Logger.debug("Adding also country specific requested attribute for C-PEPS (" + countryCode + "): " + requestedAttribute.getName() + ", isRequired: " + requestedAttribute.isRequired());
- } else {
- Logger.warn("Skipping addition of requested STORK Attribute, attribute unknown : " + requestedAttribute.getName());
- }
-
- }
-
- return cpeps;
- }
-
- /**
- * Builds the supported C-PEPS Map from configuration
- * @return Map of C-PEPS
- */
- public Map<String, CPEPS> buildSTORKcPEPSMap() {
-
- Logger.debug("Loading STORK C-PEPS information");
-
- Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>();
-
- NodeIterator cpepsIterator = XPathUtils.selectNodeIterator(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_CPEPS);
-
- Element cpepsElement;
- CPEPS cpeps;
-
- while ((cpepsElement = (Element) cpepsIterator.nextNode()) != null) {
- cpeps = buildSTORKCpeps(cpepsElement);
- if (cpeps != null) {
- cpepsMap.put(cpeps.getCountryCode(), cpeps);
- }
- }
-
- if(!cpepsMap.isEmpty()) {
- Logger.info("STORK C-PEPS information loaded");
- }
-
- return cpepsMap;
-
- }
-
- /**
- * Builds the required STORK QAALevel for this OA
- * @param authComponentElement DOM Element of AuthComponent (from MOA configuration)
- * @return STORK QAALevel for this OA
- */
- public QualityAuthenticationAssuranceLevel buildOaSTORKQAALevel(Element authComponentElement) {
- Element qaaLevelElement = (Element)XPathUtils.selectSingleNode(authComponentElement, OA_AUTH_COMPONENT_STORK_QAA);
-
- if (qaaLevelElement == null) return null;
-
- try {
- QualityAuthenticationAssuranceLevel qaaLevel = (QualityAuthenticationAssuranceLevel) SAMLUtil.unmarshallMessage(qaaLevelElement);
- return qaaLevel;
- } catch (MessageEncodingException e) {
- Logger.error("Could not build STORK QAALevel, using default.");
- return null;
- }
-
- }
-
- /**
- * Builds the Requested Attributes specific for an OA
- * @param authComponentElement DOM Element of AuthComponent (from MOA configuration)
- * @return STORK RequestedAttributes for this OA
- */
- public RequestedAttributes buildOaSTORKRequestedAttributes(Element authComponentElement) {
- List<RequestedAttribute> reqAttributeList = new ArrayList<RequestedAttribute>();
-
-
- Element reqAttributeElement;
- NodeIterator reqAttributeIterator = XPathUtils.selectNodeIterator(authComponentElement, OA_AUTH_COMPONENT_STORK_REQUESTED_ATTRIBUTE);
-
- while ((reqAttributeElement = (Element) reqAttributeIterator.nextNode()) != null) {
- RequestedAttribute requestedAttribute;
- try {
- requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(reqAttributeElement);
- } catch (MessageEncodingException e) {
- Logger.error("Provided RequestedAttributes Online Application is malformed.", e);
- return null;
- }
- //only add if STORK attribute is correct
- if (STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(requestedAttribute.getName())) {
- reqAttributeList.add(requestedAttribute);
- } else {
- Logger.warn("Skipping addition of requested STORK Attribute, attribute unknown : " + requestedAttribute.getName());
- }
- }
-
- return STORKMessagesBuilder.buildRequestedAttributes(reqAttributeList);
- }
-
- /**
* Method warn.
* @param messageId to identify a country-specific message
* @param parameters for the logger
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
index 3948522c0..7174e05dc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
@@ -24,15 +24,6 @@
package at.gv.egovernment.moa.id.config.legacy;
-import java.util.ArrayList;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
/**
* Configuration parameters belonging to an online application,
* to use with the MOA ID Auth component.
@@ -129,22 +120,6 @@ public class OAAuthParameter extends OAParameter {
*/
private String identityLinkDomainIdentifierType;
- /**
- * STORK QAA Level, Default = 4
- */
- private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4);
-
- /**
- * STORK RequestedAttributes for Online Application
- * Default RequestedAttributes are: eIdentifier, givenName, surname, dateOfBirth
- */
- private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes(
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null));
-
-
/**
* Returns <code>true</code> if the Security Layer version is version 1.2,
* otherwise <code>false</code>.
@@ -464,38 +439,4 @@ public class OAAuthParameter extends OAParameter {
return this.mandateProfiles;
}
- /**
- * Returns the defined STORK QAALevel
- * @return STORK QAALevel
- */
- public QualityAuthenticationAssuranceLevel getQaaLevel() {
- return qaaLevel;
- }
-
- /**
- * Sets the STORK QAALevel
- * @param qaaLevel
- */
- public void setQaaLevel(QualityAuthenticationAssuranceLevel qaaLevel) {
- this.qaaLevel = qaaLevel;
- }
-
- /**
- * Returns the desired STORK Requested Attributes
- * @return STORK Requested Attributes
- */
- public RequestedAttributes getRequestedAttributes() {
- return requestedAttributes;
- }
-
- /**
- * Sets the desired STORK Requested Attributes
- * @param requestedAttributes
- */
- public void setRequestedAttributes(RequestedAttributes requestedAttributes) {
- this.requestedAttributes = requestedAttributes;
- }
-
-
-
}