diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java')
11 files changed, 0 insertions, 3664 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java deleted file mode 100644 index 887a7e40f..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java +++ /dev/null @@ -1,570 +0,0 @@ -///******************************************************************************* -// * Copyright 2014 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// *******************************************************************************/ -//package at.gv.egovernment.moa.id.config.legacy; -// -//import java.io.BufferedInputStream; -//import java.io.File; -//import java.io.FileInputStream; -//import java.io.IOException; -//import java.io.InputStream; -//import java.math.BigInteger; -//import java.net.URI; -//import java.nio.file.Path; -//import java.util.ArrayList; -//import java.util.Arrays; -//import java.util.Collections; -//import java.util.List; -//import java.util.Map; -//import java.util.Properties; -//import java.util.Set; -// -//import org.w3c.dom.Element; -// -//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; -//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; -//import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; -//import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; -//import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; -//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; -//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; -//import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; -//import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; -//import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; -//import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; -//import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; -//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; -//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; -//import at.gv.egovernment.moa.id.config.ConfigurationException; -//import at.gv.egovernment.moa.id.config.ConfigurationProvider; -// -//import at.gv.egovernment.moa.id.data.IssuerAndSerial; -//import at.gv.egovernment.moa.logging.Logger; -//import at.gv.egovernment.moa.util.Base64Utils; -//import at.gv.egovernment.moa.util.DOMUtils; -//import at.gv.egovernment.moa.util.FileUtils; -//import at.gv.egovernment.moa.util.MiscUtil; -// -//public class BuildFromLegacyConfig { -// -// private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID"; -// -// private static final String SEARCHBKUTEMPLATE_LOCAL = "https://127.0.0.1:3496/"; -// private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at"; -// private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request"; -// -// public static final String AUTH_SESSION_TIMEOUT_PROPERTY = -// "AuthenticationSession.TimeOut"; -// /** -// * The name of the generic configuration property giving the authentication data time out. -// */ -// public static final String AUTH_DATA_TIMEOUT_PROPERTY = -// "AuthenticationData.TimeOut"; -// -// -// public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException { -// InputStream stream = null; -// Element configElem; -// ConfigurationBuilder builder; -// -// Logger.info("Load Legacy-Configuration from file=" + fileName); -// -// try { -// // load the main config file -// stream = new BufferedInputStream(new FileInputStream(fileName)); -// configElem = DOMUtils.parseXmlValidating(stream); -// -// } catch (Throwable t) { -// throw new ConfigurationException("config.03", null, t); -// } -// -// finally { -// try { -// if (stream != null) { -// stream.close(); -// } -// } catch (IOException e) { -// -// } -// } -// -// try { -// String oldbkuonline = ""; -// String oldbkulocal = ""; -// String oldbkuhandy = ""; -// -// // build the internal datastructures -// builder = new ConfigurationBuilder(configElem, rootConfigFileDir); -// -// -// MOAIDConfiguration moaIDConfig = new MOAIDConfiguration(); -// -// AuthComponentGeneral generalAuth = new AuthComponentGeneral(); -// moaIDConfig.setAuthComponentGeneral(generalAuth); -// -// -// //not supported by MOA-ID 2.0 -// //ConnectionParameter bKUConnectionParameter = builder.buildAuthBKUConnectionParameter(); -// //bKUSelectable = (bKUConnectionParameter!=null); -// //bKUSelectionType = builder.buildAuthBKUSelectionType(); -// -// -// //Load generic Config -// Map<String, String> genericConfiguration = builder.buildGenericConfiguration(); -// GeneralConfiguration authGeneral = new GeneralConfiguration(); -// -// if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING)) -// authGeneral.setTrustManagerRevocationChecking( -// Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))); -// else -// authGeneral.setTrustManagerRevocationChecking(true); -// -// if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY)) -// authGeneral.setCertStoreDirectory( -// (String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY)); -// else -// authGeneral.setTrustManagerRevocationChecking(true); -// -// -// //Load Assertion and Session timeouts -// TimeOuts timeOuts = new TimeOuts(); -// if (genericConfiguration.containsKey(AUTH_DATA_TIMEOUT_PROPERTY)) -// timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_DATA_TIMEOUT_PROPERTY)))); -// else -// timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min -// -// if (genericConfiguration.containsKey(AUTH_SESSION_TIMEOUT_PROPERTY)) -// timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_SESSION_TIMEOUT_PROPERTY)))); -// else -// timeOuts.setAssertion(BigInteger.valueOf(30*60)); //default 30min -// -// timeOuts.setMOASessionUpdated(BigInteger.valueOf(15*60)); //default 15min -// authGeneral.setTimeOuts(timeOuts); -// generalAuth.setGeneralConfiguration(authGeneral); -// -// Protocols auth_protocols = new Protocols(); -// generalAuth.setProtocols(auth_protocols); -// -// LegacyAllowed prot_legacy = new LegacyAllowed(); -// auth_protocols.setLegacyAllowed(prot_legacy); -// final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x"); -// prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED); -// -// //set SAML1 config -// SAML1 saml1 = new SAML1(); -// saml1.setIsActive(true); -// if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID)) -// saml1.setSourceID((String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID)); -// auth_protocols.setSAML1(saml1); -// -// //set OAuth config -// OAuth oauth = new OAuth(); -// oauth.setIsActive(true); -// auth_protocols.setOAuth(oauth); -// -// //set PVP2.1 config -// PVP2 prot_pvp2 = new PVP2(); -// auth_protocols.setPVP2(prot_pvp2); -// prot_pvp2.setPublicURLPrefix("https://...."); -// prot_pvp2.setIssuerName("MOA-ID 2.x IDP"); -// -// Organization pvp2_org = new Organization(); -// prot_pvp2.setOrganization(pvp2_org); -// pvp2_org.setDisplayName("OrganisationDisplayName"); -// pvp2_org.setName("OrganisatioName"); -// pvp2_org.setURL("http://testorganisation.at"); -// -// List<Contact> pvp2_contacts = new ArrayList<Contact>(); -// prot_pvp2.setContact(pvp2_contacts); -// -// Contact pvp2_contact = new Contact(); -// pvp2_contact.setCompany("OrganisationDisplayName"); -// pvp2_contact.setGivenName("Max"); -// -// -// List<String> mails = new ArrayList<String>(); -// pvp2_contact.setMail(mails); -// mails.add("max@muster.mann"); -// -// List<String> phones = new ArrayList<String>(); -// pvp2_contact.setPhone(phones); -// phones.add("01 5555 5555"); -// -// pvp2_contact.setSurName("Mustermann"); -// pvp2_contact.setType("technical"); -// pvp2_contacts.add(pvp2_contact); -// -// //SSO -// SSO auth_sso = new SSO(); -// generalAuth.setSSO(auth_sso); -// auth_sso.setTarget(""); -// auth_sso.setFriendlyName(""); -// -// -// //set SecurityLayer Transformations -// String[] transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH); -// String[] transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames); -// -// List<TransformsInfoType> auth_transformInfos = new ArrayList<TransformsInfoType>(); -// if (transformsInfos != null && transformsInfos.length > 0) { -// for (int i=0; i<transformsInfos.length; i++) { -// -// TransformsInfoType transforminfotype = new TransformsInfoType(); -// -// if (transformsInfoFileNames[i] != null && -// transformsInfos[i] != null) { -// String fileURL = FileUtils.makeAbsoluteURL(transformsInfoFileNames[i], rootConfigFileDir); -// Path fileName_ = new File(new URI(fileURL)).toPath().getFileName(); -// transforminfotype.setFilename(fileName_.toString()); -// -// transforminfotype.setTransformation(Base64Utils.encode(transformsInfos[i].getBytes("UTF-8")).getBytes("UTF-8")); -// auth_transformInfos.add(transforminfotype); -// -// } else -// Logger.warn("AuthBlock Transformation " + transformsInfoFileNames[i] -// + "not found."); -// } -// -// } -// -// SecurityLayer auth_securityLayer = new SecurityLayer(); -// auth_securityLayer.setTransformsInfo(auth_transformInfos); -// generalAuth.setSecurityLayer(auth_securityLayer); -// -// -// //set MOASP configuration -// MOASP auth_moaSP = new MOASP(); -// generalAuth.setMOASP(auth_moaSP); -// -// //set MOASP connection -// ConnectionParameter moaSpConnectionParameter = builder.buildMoaSpConnectionParameter(); -// if (moaSpConnectionParameter != null) { -// ConnectionParameterClientAuthType auth_moaSP_connection = -// parseConnectionParameterClientAuth(moaSpConnectionParameter); -// auth_moaSP.setConnectionParameter(auth_moaSP_connection); -// } -// -// //set VerifyIdentityLink -// String moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID(); -// VerifyIdentityLink auth_moaSP_verifyIdentityLink = new VerifyIdentityLink(); -// auth_moaSP_verifyIdentityLink.setTrustProfileID(moaSpIdentityLinkTrustProfileID); -// auth_moaSP.setVerifyIdentityLink(auth_moaSP_verifyIdentityLink); -// -// //set VerifyAuthBlock -// String moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID(); -// VerifyAuthBlock auth_moaSP_verifyAuthBlock = new VerifyAuthBlock(); -// auth_moaSP_verifyAuthBlock.setTrustProfileID(moaSpAuthBlockTrustProfileID); -// String[] moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs(); -// List<String> transformlist = new ArrayList<String>(); -// Collections.addAll(transformlist, moaSpAuthBlockVerifyTransformsInfoIDs); -// auth_moaSP_verifyAuthBlock.setVerifyTransformsInfoProfileID(transformlist); -// auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock); -// -// -// //set IdentityLinkSigners -// IdentityLinkSigners auth_idsigners = new IdentityLinkSigners(); -// generalAuth.setIdentityLinkSigners(auth_idsigners); -// List<String> identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); -// auth_idsigners.setX509SubjectName(identityLinkX509SubjectNames); -// -// -// //not supported by MOA-ID 2.0 -// VerifyInfoboxParameters defaultVerifyInfoboxParameters = null; -//// Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH); -//// if (defaultVerifyInfoboxParamtersElem != null) { -//// defaultVerifyInfoboxParameters = -//// builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID); -//// } -// -// -// //Set ForeignIdentities -// ForeignIdentities auth_foreign = new ForeignIdentities(); -// generalAuth.setForeignIdentities(auth_foreign); -// -// //set Connection parameters -// ConnectionParameter foreignIDConnectionParameter = builder.buildForeignIDConnectionParameter(); -// ConnectionParameterClientAuthType auth_foreign_connection = -// parseConnectionParameterClientAuth(foreignIDConnectionParameter); -// auth_foreign.setConnectionParameter(auth_foreign_connection); -// -// //set OnlineMandates config -// ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter(); -// if (onlineMandatesConnectionParameter != null) { -// OnlineMandates auth_mandates = new OnlineMandates(); -// generalAuth.setOnlineMandates(auth_mandates); -// auth_mandates.setConnectionParameter( -// parseConnectionParameterClientAuth(onlineMandatesConnectionParameter)); -// } -// -// -// //TODO: add auth template configuration!!! -// -// -// if (oldconfig != null) { -// if (oldconfig.getDefaultBKUs() != null) { -// oldbkuhandy = oldconfig.getDefaultBKUs().getHandyBKU(); -// oldbkulocal = oldconfig.getDefaultBKUs().getLocalBKU(); -// oldbkuonline = oldconfig.getDefaultBKUs().getOnlineBKU(); -// } -// } else { -// List<String> trustbkus = builder.getTrustedBKUs(); -// for (String trustbku : trustbkus) { -// if (MiscUtil.isEmpty(oldbkuonline) && trustbku.endsWith(SEARCHBKUTEMPLATE_ONLINE)) -// oldbkuonline = trustbku; -// -// if (MiscUtil.isEmpty(oldbkuhandy) && trustbku.startsWith(SEARCHBKUTEMPLATE_HANDY)) -// oldbkuhandy = trustbku; -// -// if (MiscUtil.isEmpty(oldbkulocal) && trustbku.startsWith(SEARCHBKUTEMPLATE_LOCAL)) -// oldbkulocal = trustbku; -// } -// -// } -// -// -// //set OnlineApplications -// OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID); -// -// ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>(); -// moaIDConfig.setOnlineApplication(moa_oas); -// -// for (OAAuthParameter oa : onlineApplicationAuthParameters) { -// OnlineApplication moa_oa = new OnlineApplication(); -// -// //set general OA configuration -// moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird -// moa_oa.setFriendlyName(oa.getFriendlyName()); -// moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier())); -// moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix()); -// moa_oa.setTarget(oa.getTarget()); -// moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName()); -// moa_oa.setType(oa.getOaType()); -// moa_oa.setIsActive(true); -// -// -// AuthComponentOA oa_auth = new AuthComponentOA(); -// moa_oa.setAuthComponentOA(oa_auth); -// -// //SLLayer Version / useIframe -//// oa_auth.setSlVersion(oa.getSlVersion()); -//// oa_auth.setUseIFrame(false); -//// oa_auth.setUseUTC(oa.getUseUTC()); -// -// //BKUURLs -// BKUURLS bkuurls = new BKUURLS(); -// bkuurls.setOnlineBKU(oldbkuonline); -// bkuurls.setHandyBKU(oldbkuhandy); -// bkuurls.setLocalBKU(oldbkulocal); -// oa_auth.setBKUURLS(bkuurls); -// -// //IdentificationNumber -// IdentificationNumber idnumber = new IdentificationNumber(); -// idnumber.setValue(oa.getIdentityLinkDomainIdentifier()); -// idnumber.setType(oa.getIdentityLinkDomainIdentifierType()); -// oa_auth.setIdentificationNumber(idnumber); -// -// //set Templates -// TemplatesType templates = new TemplatesType(); -// oa_auth.setTemplates(templates); -// templates.setAditionalAuthBlockText(""); -// TemplateType template = new TemplateType(); -// template.setURL(oa.getTemplateURL()); -// ArrayList<TemplateType> template_list = new ArrayList<TemplateType>(); -// template_list.add(template); -// templates.setTemplate(template_list); -// -// -// //TransformsInfo not supported by MOAID 2.0 -// String[] transforminfos = oa.getTransformsInfos(); -// for (String e1 : transforminfos) { -// if (MiscUtil.isNotEmpty(e1)) { -// Logger.warn("OA specific transformation for OA " + oa.getPublicURLPrefix() -// + " are not supported. USE AdditionalAuthBlock text!"); -// } -// } -// -// //VerifyInfoBoxes not supported by MOAID 2.0 -// -// //set Mandates -// Mandates oa_mandates = new Mandates(); -// oa_auth.setMandates(oa_mandates); -// List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>(); -// -// String oldProfiles = oa.getMandateProfiles(); -// if (MiscUtil.isNotEmpty(oldProfiles)) { -// String[] oldprofileList = oldProfiles.split(","); -// for (int i=0; i<oldprofileList.length; i++) { -// MandatesProfileNameItem item = new MandatesProfileNameItem(); -// item.setItem(oldprofileList[i].trim()); -// profileList.add(item); -// } -// oa_mandates.setProfileNameItems(profileList ); -// } -// -// //STORK -// //TODO: OA specific STORK config is deactivated in MOA 1.5.2 -// -// //SSO -// OASSO oa_sso = new OASSO(); -// oa_auth.setOASSO(oa_sso); -// oa_sso.setUseSSO(true); -// oa_sso.setSingleLogOutURL(""); -// oa_sso.setAuthDataFrame(true); -// -// //OA_SAML1 -// OASAML1 oa_saml1 = new OASAML1(); -// oa_auth.setOASAML1(oa_saml1); -// oa_saml1.setConditionLength(BigInteger.valueOf(oa.getConditionLength())); -// oa_saml1.setProvideAUTHBlock(oa.getProvideAuthBlock()); -// oa_saml1.setProvideCertificate(oa.getProvideCertifcate()); -// oa_saml1.setProvideFullMandatorData(oa.getProvideFullMandatorData()); -// oa_saml1.setProvideIdentityLink(oa.getProvideIdentityLink()); -// oa_saml1.setProvideStammzahl(oa.getProvideStammzahl()); -// oa_saml1.setUseCondition(oa.getUseCondition()); -// oa_saml1.setIsActive(true); -// oa_saml1.setProvideAllErrors(false); -// -// //OA_PVP2 -// OAPVP2 oa_pvp2 = new OAPVP2(); -// oa_auth.setOAPVP2(oa_pvp2); -// -// moa_oas.add(moa_oa); -// //ConfigurationDBUtils.save(moa_oa); -// } -// -// //removed from MOAID 2.0 config -// //identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); -// -// -// //set chaining modes -// ChainingModes moa_chainingModes = new ChainingModes(); -// moaIDConfig.setChainingModes(moa_chainingModes); -// -// -// -// String defaultmode = builder.getDefaultChainingMode(); -// ChainingModeType type; -// if (defaultmode.equals(iaik.pki.pathvalidation.ChainingModes.CHAIN_MODE)) -// type = ChainingModeType.CHAINING; -// else -// type = ChainingModeType.PKIX; -// -// -// moa_chainingModes.setSystemDefaultMode(type); -// -// Map<IssuerAndSerial, String> chainingModes = builder.buildChainingModes(); -// List<TrustAnchor> chaining_anchor = new ArrayList<TrustAnchor>(); -// Set<IssuerAndSerial> chaining_anchor_map = chainingModes.keySet(); -// for (IssuerAndSerial e1 : chaining_anchor_map) { -// TrustAnchor trustanchor = new TrustAnchor(); -// -// ChainingModeType type1 = ChainingModeType.fromValue(chainingModes.get(e1)); -// trustanchor.setMode(type1); -// -// trustanchor.setX509IssuerName(e1.getIssuerDN()); -// trustanchor.setX509SerialNumber(e1.getSerial()); -// chaining_anchor.add(trustanchor); -// } -// moa_chainingModes.setTrustAnchor(chaining_anchor); -// -// -// //set trustedCACertificate path -// moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates()); -// -// -// //Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates) -// //trustedBKUs = builder.getTrustedBKUs(); -// //trustedTemplateURLs = builder.getTrustedTemplateURLs(); -// -// -// //set DefaultBKUs -// DefaultBKUs moa_defaultbkus = new DefaultBKUs(); -// moaIDConfig.setDefaultBKUs(moa_defaultbkus); -// moa_defaultbkus.setOnlineBKU(oldbkuonline); -// moa_defaultbkus.setHandyBKU(oldbkuhandy); -// moa_defaultbkus.setLocalBKU(oldbkulocal); -// -// -// //set SLRequest Templates -// SLRequestTemplates moa_slrequesttemp = new SLRequestTemplates(); -// moaIDConfig.setSLRequestTemplates(moa_slrequesttemp); -// moa_slrequesttemp.setOnlineBKU("http://localhost:8080/moa-id-auth/template_onlineBKU.html"); -// moa_slrequesttemp.setHandyBKU("http://localhost:8080/moa-id-auth/template_handyBKU.html"); -// moa_slrequesttemp.setLocalBKU("http://127.0.0.1:8080/moa-id-auth/template_localBKU.html"); -// -// return moaIDConfig; -// -// } catch (Throwable t) { -// throw new ConfigurationException("config.02", null, t); -// } -// } -// -// private static ConnectionParameterClientAuthType parseConnectionParameterClientAuth( -// ConnectionParameter old) { -// ConnectionParameterClientAuthType auth_moaSP_connection = new ConnectionParameterClientAuthType(); -// auth_moaSP_connection.setURL(old.getUrl()); -// -// //TODO: remove from Database config!!!!! -//// auth_moaSP_connection.setAcceptedServerCertificates(old.getAcceptedServerCertificates()); -//// ClientKeyStore auth_moaSP_connection_keyStore = new ClientKeyStore(); -//// auth_moaSP_connection_keyStore.setValue(old.getClientKeyStore()); -//// auth_moaSP_connection_keyStore.setPassword(old.getClientKeyStorePassword()); -//// auth_moaSP_connection.setClientKeyStore(auth_moaSP_connection_keyStore); -// return auth_moaSP_connection; -// } -// -// private static Properties getGeneralPVP2ProperiesConfig(Properties props) { -// Properties configProp = new Properties(); -// for (Object key : props.keySet()) { -// String propPrefix = "protocols.pvp2."; -// if (key.toString().startsWith(propPrefix)) { -// String propertyName = key.toString().substring(propPrefix.length()); -// configProp.put(propertyName, props.get(key.toString())); -// } -// } -// return configProp; -// } -//} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java deleted file mode 100644 index 1d9f738be..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java +++ /dev/null @@ -1,120 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/** - * - */ -package at.gv.egovernment.moa.id.config.legacy; - -import java.net.URL; -import java.util.ArrayList; -import java.util.List; - -import org.opensaml.saml2.metadata.RequestedAttribute; - -/** - * Encpasulates C-PEPS information according MOA configuration - * - * @author bzwattendorfer - * - */ -public class CPEPS { - - /** Country Code of C-PEPS */ - private String countryCode; - - /** URL of C-PEPS */ - private URL pepsURL; - - /** Specific attributes to be requested for this C-PEPS */ - private List<RequestedAttribute> countrySpecificRequestedAttributes = new ArrayList<RequestedAttribute>(); - - /** - * Constructs a C-PEPS - * @param countryCode ISO Country Code of C-PEPS - * @param pepsURL URL of C-PEPS - */ - public CPEPS(String countryCode, URL pepsURL) { - super(); - this.countryCode = countryCode; - this.pepsURL = pepsURL; - } - - /** - * Gets the country code of this C-PEPS - * @return ISO country code - */ - public String getCountryCode() { - return countryCode; - } - - /** - * Sets the country code of this C-PEPS - * @param countryCode ISO country code - */ - public void setCountryCode(String countryCode) { - this.countryCode = countryCode; - } - - /** - * Gets the URL of this C-PEPS - * @return C-PEPS URL - */ - public URL getPepsURL() { - return pepsURL; - } - - /** - * Sets the C-PEPS URL - * @param pepsURL C-PEPS URL - */ - public void setPepsURL(URL pepsURL) { - this.pepsURL = pepsURL; - } - - /** - * Gets the country specific attributes of this C-PEPS - * @return List of country specific attributes - */ - public List<RequestedAttribute> getCountrySpecificRequestedAttributes() { - return countrySpecificRequestedAttributes; - } - - /** - * Sets the country specific attributes - * @param countrySpecificRequestedAttributes List of country specific requested attributes - */ - public void setCountrySpecificRequestedAttributes( - List<RequestedAttribute> countrySpecificRequestedAttributes) { - this.countrySpecificRequestedAttributes = countrySpecificRequestedAttributes; - } - - /** - * Adds a Requested attribute to the country specific attribute List - * @param countrySpecificRequestedAttribute Additional country specific requested attribute to add - */ - public void addCountrySpecificRequestedAttribute(RequestedAttribute countrySpecificRequestedAttribute) { - this.countrySpecificRequestedAttributes.add(countrySpecificRequestedAttribute); - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java deleted file mode 100644 index 6ad45d8c9..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java +++ /dev/null @@ -1,1253 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -import iaik.pki.pathvalidation.ChainingModes; -import iaik.utils.RFC2253NameParser; -import iaik.utils.RFC2253NameParserException; - -import java.io.IOException; -import java.math.BigInteger; -import java.security.Principal; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Hashtable; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Vector; - -import org.w3c.dom.Attr; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; -import org.w3c.dom.traversal.NodeIterator; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.Schema; -import at.gv.egovernment.moa.id.auth.data.SchemaImpl; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.legacy.OAAuthParameter; -import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameter; -import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameters; -import at.gv.egovernment.moa.id.config.legacy.SignatureCreationParameter; -import at.gv.egovernment.moa.id.data.IssuerAndSerial; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.BoolUtils; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.FileUtils; -import at.gv.egovernment.moa.util.StringUtils; -import at.gv.egovernment.moa.util.XPathException; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * A class that builds configuration data from a DOM based representation. - * - * @author Patrick Peck - * @author Stefan Knirsch - * @version $Id$ - */ -public class ConfigurationBuilder { - - // - // XPath namespace prefix shortcuts - // - /** an XPATH-Expression */ - protected static final String CONF = Constants.MOA_ID_CONFIG_PREFIX + ":"; - /** an XPATH-Expression */ - protected static final String DSIG = Constants.DSIG_PREFIX + ":"; - - /** an XPATH-Expression */ - protected static final String STORK = Constants.STORK_PREFIX + ":"; - - /** an XPATH-Expression */ - protected static final String STORKP= Constants.STORKP_PREFIX + ":"; - - // - // chaining mode constants appearing in the configuration file - // - /** an XPATH-Expression */ - protected static final String CM_CHAINING = "chaining"; - /** an XPATH-Expression */ - protected static final String CM_PKIX = "pkix"; - /** an XPATH-Expression */ - protected static final String DEFAULT_ENCODING = "UTF-8"; - - // - // XPath expressions to select certain parts of the configuration - // - /** an XPATH-Expression */ - protected static final String ROOT = "/" + CONF + "MOA-IDConfiguration/"; - - /** an XPATH-Expression */ - protected static final String AUTH_BKU_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "BKUSelection"; - /** an XPATH-Expression */ - protected static final String AUTH_BKUSELECT_TEMPLATE_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "BKUSelectionTemplate/@URL"; - /** an XPATH-Expression */ - protected static final String AUTH_TEMPLATE_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "Template/@URL"; - /** an XPATH-Expression */ - public static final String AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU"; - - - //protected static final String AUTH_MANDATE_TEMPLATE_XPATH = -// ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "MandateTemplate/@URL"; - /** an XPATH-Expression */ - protected static final String INPUT_PROCESSOR_TEMPLATE_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "InputProcessorSignTemplate/@URL"; - /** an XPATH-Expression */ - public static final String AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "SecurityLayer/" + CONF + "TransformsInfo/@filename"; - /** an XPATH-Expression */ - protected static final String AUTH_MOA_SP_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP"; - /** an XPATH-Expression */ - protected static final String AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyIdentityLink/" + CONF + "TrustProfileID"; - /** an XPATH-Expression */ - protected static final String AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "TrustProfileID"; - /** an XPATH-Expression */ - protected static final String AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "VerifyTransformsInfoProfileID"; - - /** an XPATH-Expression */ - protected static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "IdentityLinkSigners/" + CONF + "X509SubjectName"; - - /** an XPATH-Expression */ - public static final String AUTH_VERIFY_INFOBOXES_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "VerifyInfoboxes"; - - /** an XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities"; - - /** an XPATH-Expression */ - public static final String AUTH_ONLINEMANDATES_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "OnlineMandates"; - - - - /** an XPATH-Expression */ - protected static final String OA_XPATH = ROOT + CONF + "OnlineApplication"; - /** an XPATH-Expression */ - protected static final String OA_LOGIN_XPATH = ROOT + CONF + "OnlineApplication/@loginURL"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_XPATH = CONF + "AuthComponent"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_IDENT_NUMBER_XPATH = CONF + "IdentificationNumber"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH = - CONF + "Templates/" + CONF + "BKUSelectionTemplate/@URL"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_TEMPLATE_XPATH = - CONF + "Templates/" + CONF + "Template/@URL"; - /** an XPATH-Expression */ - public static final String OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH = - CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU"; - //protected static final String OA_AUTH_COMPONENT_MANDATE_TEMPLATE_XPATH = - //CONF + "Templates/" + CONF + "MandateTemplate/@URL"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH = CONF + "VerifyInfoboxes"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_MANDATES_PROFILES_XPATH = CONF + "Mandates" + "/" + CONF + "Profiles"; - /** an XPATH-Expression */ - protected static final String CONNECTION_PARAMETER_URL_XPATH = - CONF + "ConnectionParameter/@URL"; - /** an XPATH-Expression */ - protected static final String CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH = - CONF + "ConnectionParameter/" + CONF + "AcceptedServerCertificates"; - /** an XPATH-Expression */ - protected static final String CONNECTION_PARAMETERN_KEYSTORE_XPATH = - CONF + "ConnectionParameter/" + CONF + "ClientKeyStore"; - /** an XPATH-Expression */ - protected static final String CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH = - CONNECTION_PARAMETERN_KEYSTORE_XPATH + "/@password"; - /** an XPATH-Expression */ - protected static final String GENERIC_CONFIGURATION_XPATH = - ROOT + CONF + "GenericConfiguration"; - - /** an XPATH-Expression */ - protected static final String TRUSTED_BKUS = - ROOT + CONF + "TrustedBKUs/" + CONF + "BKUURL"; - - protected static final String TRUSTED_TEMPLATEURLS = - ROOT + CONF + "TrustedTemplateURLs/" + CONF + "TemplateURL"; - - - /** an XPATH-Expression */ - protected static final String CHAINING_MODES_XPATH = - ROOT + CONF + "ChainingModes"; - /** an XPATH-Expression */ - protected static final String CHAINING_MODES_DEFAULT_XPATH = - CHAINING_MODES_XPATH + "/@systemDefaultMode"; - /** an XPATH-Expression */ - protected static final String TRUST_ANCHOR_XPATH = - ROOT + CONF + "ChainingModes/" + CONF + "TrustAnchor"; - /** an XPATH-Expression */ - protected static final String ISSUER_XPATH = DSIG + "X509IssuerName"; - /** an XPATH-Expression */ - protected static final String SERIAL_XPATH = DSIG + "X509SerialNumber"; - /** an XPATH-Expression */ - protected static final String TRUSTED_CA_CERTIFICATES_XPATH = - ROOT + CONF + "TrustedCACertificates"; - - /** an XPATH-Expression */ - protected static final String VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH = CONF + "DefaultTrustProfile"; - /** an XPATH-Expression */ - protected static final String VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH = CONF + "TrustProfileID"; - /** an XPATH-Expression */ - protected static final String VERIFY_INFOBOXES_INFOBOX_XPATH = CONF + "Infobox"; - - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS = - ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "C-PEPS"; - - /** STORK Config AttributeName */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE = "countryCode"; - - /** STORK Config AttributeName */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL = "URL"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER = - ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "SAMLSigningParameter/" + - CONF + "SignatureCreationParameter" ; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_REQUESTED_ATTRIBUTES = - STORK + "RequestedAttribute"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER = - ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "SAMLSigningParameter/" + - CONF + "SignatureVerificationParameter"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE = - CONF + "KeyStore"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME = - CONF + "KeyName"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD = - CONF + "KeyStore/@password"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME_PASSWORD = - CONF + "KeyName/@password"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID = - CONF + "TrustProfileID"; - - /** STORK Config XPATH-Expression */ - public static final String OA_AUTH_COMPONENT_STORK_QAA = - CONF + "STORK/" + STORK + "QualityAuthenticationAssuranceLevel"; - - /** STORK Config XPATH-Expression */ - public static final String OA_AUTH_COMPONENT_STORK_REQUESTED_ATTRIBUTE = - CONF + "STORK/" + STORKP + "RequestedAttributes/" + STORK + "RequestedAttribute"; - - /** - * main configuration file directory name used to configure MOA-ID - */ - protected String rootConfigFileDir_; - - /** The root element of the MOA-ID configuration */ - protected Element configElem_; - - /** - * Creates a new <code>MOAConfigurationProvider</code>. - * - * @param configElem The root element of the MOA-ID configuration. - */ - public ConfigurationBuilder(Element configElem, String rootConfigDir) { - configElem_ = configElem; - rootConfigFileDir_ = rootConfigDir; - } - - /** - * Returns the root element of the MOA-ID configuration. - * - * @return The root element of the MOA-ID configuration. - */ - public Element getConfigElem() { - return configElem_; - } - - /** - * Build a ConnectionParameter object containing all information - * of the moa-sp element in the authentication component - * @return ConnectionParameter of the authentication component moa-sp element - */ - public ConnectionParameter buildAuthBKUConnectionParameter() { - - Element authBKU = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_BKU_XPATH); - if (authBKU==null) return null; - return buildConnectionParameter(authBKU); - } - - /** - * Build a ConnectionParameter containing all information - * of the foreignid element in the authentication component - * @return ConnectionParameter of the authentication component foreignid element - */ - public ConnectionParameter buildForeignIDConnectionParameter() { - Element foreignid = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_XPATH); - if (foreignid==null) return null; - return buildConnectionParameter(foreignid); - - } - - /** - * Build a ConnectionParameter containing all information - * of the OnlineMandates element in the authentication component - * @return ConnectionParameter of the authentication component OnlineMandates element - */ - public ConnectionParameter buildOnlineMandatesConnectionParameter() { - Element onlinemandates = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_ONLINEMANDATES_XPATH); - if (onlinemandates==null) return null; - return buildConnectionParameter(onlinemandates); - - } - - /** - * Method buildAuthBKUSelectionType. - * - * Build a string with the configuration value of BKUSelectionAlternative - * - * @return String - */ - public String buildAuthBKUSelectionType() { - - Element authBKU = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_BKU_XPATH); - if (authBKU==null) return null; - return (authBKU).getAttribute("BKUSelectionAlternative"); - } - - /** - * Build a string array with all filenames leading - * to the Transforms Information for the Security Layer - * @param contextNode The node from which should be searched - * @param xpathExpr The XPATH expression for the search - * @return String[] of filenames to the Security Layer Transforms Information - * or <code>null</code> if no transforms are included - */ - public String[] buildTransformsInfoFileNames(Node contextNode, String xpathExpr) { - - List transformsInfoFileNames = new ArrayList(); - - try { - NodeIterator tiIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr); - - Attr tiElem; - while ((tiElem = (Attr) tiIter.nextNode()) != null) { - String tiFileName = tiElem.getNodeValue(); - transformsInfoFileNames.add(tiFileName); - } - - String[] result = new String[transformsInfoFileNames.size()]; - transformsInfoFileNames.toArray(result); - - return result; - } catch (XPathException xpe) { - return new String[0]; - } - } - - - /** - * Loads the <code>transformsInfos</code> from files. - * @throws Exception on any exception thrown - */ - public String[] loadTransformsInfos(String[] transformsInfoFileNames) throws Exception { - - String[] transformsInfos; - - transformsInfos = new String[transformsInfoFileNames.length]; - for (int i = 0; i < transformsInfoFileNames.length; i++) { - - String fileURL = transformsInfoFileNames[i]; - try { - // if fileURL is relative to rootConfigFileDir make it absolute - fileURL = FileUtils.makeAbsoluteURL(fileURL, rootConfigFileDir_); - - String transformsInfo = FileUtils.readURL(fileURL, DEFAULT_ENCODING); - transformsInfos[i] = transformsInfo; - - } catch (IOException e) { - Logger.info("Transformation with URL " + fileURL + " can not be loaded"); - } - } - - return transformsInfos; - } - - /** - * Build a ConnectionParameter bean containing all information - * of the authentication component moa-sp element - * @return ConnectionParameter of the authentication component moa-sp element - */ - public ConnectionParameter buildMoaSpConnectionParameter() { - - Element connectionParameter = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_MOA_SP_XPATH); - if (connectionParameter==null) return null; - return buildConnectionParameter(connectionParameter); - } - - /** - * Return a string with a url-reference to the VerifyIdentityLink trust - * profile id within the moa-sp part of the authentication component - * @return String with a url-reference to the VerifyIdentityLink trust profile ID - */ - public String getMoaSpIdentityLinkTrustProfileID() { - return XPathUtils.getElementValue( - configElem_, - AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH, - ""); - } - /** - * Return a string representation of an URL pointing to trusted CA Certificates - * @return String representation of an URL pointing to trusted CA Certificates - */ - public String getTrustedCACertificates() { - return XPathUtils.getElementValue( - configElem_, - TRUSTED_CA_CERTIFICATES_XPATH,null); - } - - /** - * Return a string with a url-reference to the VerifyAuthBlock trust - * profile id within the moa-sp part of the authentication component - * @return String with a url-reference to the VerifyAuthBlock trust profile ID - */ - public String getMoaSpAuthBlockTrustProfileID() { - return XPathUtils.getElementValue( - configElem_, - AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH, - ""); - } - /** - * Build a string array with references to all verify transform info - * IDs within the moa-sp part of the authentication component - * @return A string array containing all urls to the - * verify transform info IDs - */ - public String[] buildMoaSpAuthBlockVerifyTransformsInfoIDs() { - - List verifyTransformsInfoIDs = new ArrayList(); - NodeIterator vtIter = - XPathUtils.selectNodeIterator( - configElem_, - AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH); - Element vtElem; - - while ((vtElem = (Element) vtIter.nextNode()) != null) { - - String vtInfoIDs = DOMUtils.getText(vtElem); - verifyTransformsInfoIDs.add(vtInfoIDs); - } - String[] result = new String[verifyTransformsInfoIDs.size()]; - verifyTransformsInfoIDs.toArray(result); - - return result; - } - - public List getTrustedBKUs() { - - List trustedBKUs = new ArrayList(); - - NodeIterator bkuIter = XPathUtils.selectNodeIterator(configElem_, TRUSTED_BKUS); - - Element vtElem; - - while ((vtElem = (Element) bkuIter.nextNode()) != null) { - String bkuURL = DOMUtils.getText(vtElem); - trustedBKUs.add(bkuURL); - } - - return trustedBKUs; - - } - -public List getTrustedTemplateURLs() { - - List trustedTemplateURLs = new ArrayList(); - - NodeIterator bkuIter = XPathUtils.selectNodeIterator(configElem_, TRUSTED_TEMPLATEURLS); - - Element vtElem; - - while ((vtElem = (Element) bkuIter.nextNode()) != null) { - String bkuURL = DOMUtils.getText(vtElem); - trustedTemplateURLs.add(bkuURL); - } - - return trustedTemplateURLs; - - } - - /** - * Returns a list containing all X509 Subject Names - * of the Identity Link Signers - * @return a list containing the configured identity-link signer X509 subject names - */ - public List getIdentityLink_X509SubjectNames() { - - Vector x509SubjectNameList = new Vector(); - NodeIterator x509Iter = - XPathUtils.selectNodeIterator( - configElem_, - AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH); - Element x509Elem; - - while ((x509Elem = (Element) x509Iter.nextNode()) != null) { - String vtInfoIDs = DOMUtils.getText(x509Elem); - x509SubjectNameList.add(vtInfoIDs); - } - - // now add the default identity link signers - String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID; - for (int i=0; i<identityLinkSignersWithoutOID.length; i++) { - String identityLinkSigner = identityLinkSignersWithoutOID[i]; - if (!x509SubjectNameList.contains(identityLinkSigner)) { - x509SubjectNameList.add(identityLinkSigner); - } - } - - return x509SubjectNameList; - } - - /** - * Build an array of the OnlineApplication Parameters containing information - * about the authentication component - * - * @param defaultVerifyInfoboxParameters Default parameters for verifying additional - * infoboxes. Maybe <code>null</code>. - * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating - * the identity link signer certificate. Needed for - * checking if this ID is not used for validating other - * infoboxes. - * - * @return An OAProxyParameter array containing beans - * with all relevant information for the authentication component of the online - * application - */ - public OAAuthParameter[] buildOnlineApplicationAuthParameters( - VerifyInfoboxParameters defaultVerifyInfoboxParameters, String moaSpIdentityLinkTrustProfileID) - throws ConfigurationException - { - - String bkuSelectionTemplateURL = - XPathUtils.getAttributeValue(configElem_, AUTH_BKUSELECT_TEMPLATE_XPATH, null); - String templateURL = - XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null); - String inputProcessorSignTemplateURL = - XPathUtils.getAttributeValue(configElem_, INPUT_PROCESSOR_TEMPLATE_XPATH, null); - - - List OA_set = new ArrayList(); - NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH); - - for (int i = 0; i < OAIter.getLength(); i++) { - Element oAElem = (Element) OAIter.item(i); - Element authComponent = - (Element) XPathUtils.selectSingleNode(oAElem, OA_AUTH_COMPONENT_XPATH); - - OAAuthParameter oap = new OAAuthParameter(); - String publicURLPrefix = oAElem.getAttribute("publicURLPrefix"); - oap.setPublicURLPrefix(publicURLPrefix); - oap.setKeyBoxIdentier(oAElem.getAttribute("keyBoxIdentifier")); - oap.setFriendlyName(oAElem.getAttribute("friendlyName")); - String targetConfig = oAElem.getAttribute("target"); - String targetFriendlyNameConfig = oAElem.getAttribute("targetFriendlyName"); - - // get the type of the online application - String oaType = oAElem.getAttribute("type"); - oap.setOaType(oaType); - String slVersion = "1.1"; - if ("businessService".equalsIgnoreCase(oaType)) { - if (authComponent==null) { - Logger.error("Missing \"AuthComponent\" for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - Element identificationNumberElem = - (Element) XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_IDENT_NUMBER_XPATH); - if (identificationNumberElem==null) { - Logger.error("Missing \"IdentificationNumber\" for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - Element identificationNumberChild = DOMUtils.getElementFromNodeList(identificationNumberElem.getChildNodes()); - if (identificationNumberChild == null) { - Logger.error("Missing \"IdentificationNumber\" for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - - if (!StringUtils.isEmpty(targetConfig)) { - Logger.error("Target attribute can not be set for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - if (!StringUtils.isEmpty(targetFriendlyNameConfig)) { - Logger.error("Target friendly name attribute can not be set for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - - - if ("false".equalsIgnoreCase(oAElem.getAttribute("calculateHPI"))) { - oap.setIdentityLinkDomainIdentifier(buildIdentityLinkDomainIdentifier(identificationNumberChild)); - //BZ.., setting type of IdLinkDomainIdentifier - oap.setIdentityLinkDomainIdentifierType(identificationNumberChild.getLocalName()); - //..BZ - } else { - // If we have business service and want to dealt with GDA, the security layer can be advised to calulate - // the Health Professional Identifier HPI instead of the wbPK - Logger.info("OA uses HPI for Identification"); - oap.setIdentityLinkDomainIdentifier(Constants.URN_PREFIX_HPI); - } - - // if OA type is "businessSErvice" set slVersion to 1.2 and ignore parameter in config file - Logger.info("OA type is \"businessService\"; setting Security Layer version to 1.2"); - slVersion = "1.2"; - - } else { - - if (StringUtils.isEmpty(targetConfig) && !StringUtils.isEmpty(targetFriendlyNameConfig)) { - Logger.error("Target friendly name attribute can not be set alone for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - oap.setTarget(targetConfig); - oap.setTargetFriendlyName(targetFriendlyNameConfig); - - if (authComponent!=null) { - slVersion = authComponent.getAttribute("slVersion"); - } - - - } - oap.setSlVersion(slVersion); - //Check if there is an Auth-Block to read from configuration - - if (authComponent!=null) - { - oap.setProvideStammzahl(BoolUtils.valueOf(authComponent.getAttribute("provideStammzahl"))); - oap.setProvideAuthBlock(BoolUtils.valueOf(authComponent.getAttribute("provideAUTHBlock"))); - oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink"))); - oap.setProvideCertificate(BoolUtils.valueOf(authComponent.getAttribute("provideCertificate"))); - oap.setProvideFullMandatorData(BoolUtils.valueOf(authComponent.getAttribute("provideFullMandatorData"))); - oap.setUseUTC(BoolUtils.valueOf(authComponent.getAttribute("useUTC"))); - oap.setUseCondition(BoolUtils.valueOf(authComponent.getAttribute("useCondition"))); - oap.setConditionLength(buildConditionLength(authComponent.getAttribute("conditionLength"))); - oap.setBkuSelectionTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH, bkuSelectionTemplateURL)); - oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL)); - -// System.out.println(publicURLPrefix); -// System.out.println("useCondition: " + oap.getUseCondition()); -// System.out.println("conditionLength: " + oap.getConditionLength()); - - oap.setInputProcessorSignTemplateURL(buildTemplateURL(authComponent, INPUT_PROCESSOR_TEMPLATE_XPATH, inputProcessorSignTemplateURL)); - // load OA specific transforms if present - String[] transformsInfoFileNames = buildTransformsInfoFileNames(authComponent, OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH); - try { - oap.setTransformsInfos(loadTransformsInfos(transformsInfoFileNames)); - } catch (Exception ex) { - Logger.error("Error loading transforms specified for OA \"" + publicURLPrefix + "\"; using default transforms."); - } - Node verifyInfoboxParamtersNode = XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH); - oap.setVerifyInfoboxParameters(buildVerifyInfoboxParameters( - verifyInfoboxParamtersNode, defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID)); - - Node mandateProfilesNode = XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_MANDATES_PROFILES_XPATH); - if (mandateProfilesNode != null) { - if ("businessService".equalsIgnoreCase(oaType)) { - Logger.error("No Online Mandate Modus for OA of type \"businessService\" allowed."); - throw new ConfigurationException("config.02", null); - } - else { - String profiles = DOMUtils.getText(mandateProfilesNode); - oap.setMandateProfiles(profiles); - } - } - - //add STORK Configuration specific to OA (RequestedAttributes, QAALevel) - //QualityAuthenticationAssuranceLevel qaaLevel = buildOaSTORKQAALevel(authComponent); - //if (qaaLevel != null) { - // oap.setQaaLevel(qaaLevel); - // Logger.debug("Using non-MOA-default STORK QAALevel for this OA " + "(" + oap.getPublicURLPrefix() + "): " + qaaLevel.getValue()); - //} - - //RequestedAttributes additionalRequestedAttributes = buildOaSTORKRequestedAttributes(authComponent); - // - //if(!additionalRequestedAttributes.getRequestedAttributes().isEmpty()) { - // //we have additional STORK attributes to request for this OA - // Logger.debug("Using non-MOA-default STORK RequestedAttributes for this OA " + "(" + oap.getPublicURLPrefix() + "): "); - // for (RequestedAttribute addReqAttr : additionalRequestedAttributes.getRequestedAttributes()) { - // if (!SAMLUtil.containsAttribute(oap.getRequestedAttributes().getRequestedAttributes(),addReqAttr.getName())) { - /// addReqAttr.detach(); - // oap.getRequestedAttributes().getRequestedAttributes().add(addReqAttr); - // Logger.debug("Requesting additional attribute: " + addReqAttr.getName() + ", isRequired: " + addReqAttr.isRequired()); - // } - // } - - //} else { - // //do nothing, only request default attributes - //} - - - } - OA_set.add(oap); - } - OAAuthParameter[] result = - new OAAuthParameter[OA_set.size()]; - OA_set.toArray(result); - - return result; - - } - - /** - * Returns the condition length as int - * @param length the condition length as int - * @return - */ - private int buildConditionLength(String length) { - - if (StringUtils.isEmpty(length)) - return -1; - else - return new Integer(length).intValue(); - } - - /** - * Builds the URL for a BKUSelectionTemplate or a Template. The method selects - * the uri string from the MOA ID configuration file via the given xpath expression - * and returns either this string or the default value. - * - * @param oaAuthComponent The AuthComponent element to get the template from. - * @param xpathExpr The xpath expression for selecting the template uri. - * @param defaultURL The default template url. - * @return The template url. This may either the via xpath selected uri - * or, if no template is specified within the online appliacation, - * the default url. Both may be <code>null</code>. - */ - protected String buildTemplateURL(Element oaAuthComponent, String xpathExpr, String defaultURL) { - String templateURL = XPathUtils.getAttributeValue(oaAuthComponent, xpathExpr, defaultURL); - if (templateURL != null) { - templateURL = FileUtils.makeAbsoluteURL(templateURL, rootConfigFileDir_); - } - return templateURL; - } - - - - - - - /** - * Method buildConnectionParameter: internal Method for creating a - * ConnectionParameter object with all data found in the incoming element - * @param root This Element contains the ConnectionParameter - * @return ConnectionParameter - */ - protected ConnectionParameter buildConnectionParameter(Element root) - { - ConnectionParameter result = new ConnectionParameter(); - result.setAcceptedServerCertificates( - XPathUtils.getElementValue(root,CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH,null)); - - result.setAcceptedServerCertificates(FileUtils.makeAbsoluteURL( - result.getAcceptedServerCertificates(), rootConfigFileDir_)); - - result.setUrl( - XPathUtils.getAttributeValue(root, CONNECTION_PARAMETER_URL_XPATH, "")); - result.setClientKeyStore( - XPathUtils.getElementValue(root,CONNECTION_PARAMETERN_KEYSTORE_XPATH,null)); - - result.setClientKeyStore(FileUtils.makeAbsoluteURL( - result.getClientKeyStore(), rootConfigFileDir_)); - - result.setClientKeyStorePassword( - XPathUtils.getAttributeValue(root,CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH,"")); - - if ((result.getAcceptedServerCertificates()==null) - && (result.getUrl()=="") - && (result.getClientKeyStore()==null) - && (result.getClientKeyStorePassword()=="")) - return null; - - return result; - } - - - /** - * Build the mapping of generic configuration properties. - * - * @return a {@link Map} of generic configuration properties (a name to value - * mapping) from the configuration. - */ - public Map buildGenericConfiguration() { - - Map genericConfiguration = new HashMap(); - NodeIterator gcIter = - XPathUtils.selectNodeIterator( - configElem_, - GENERIC_CONFIGURATION_XPATH); - Element gcElem; - - while ((gcElem = (Element) gcIter.nextNode()) != null) { - String gcName = gcElem.getAttribute("name"); - String gcValue = gcElem.getAttribute("value"); - - genericConfiguration.put(gcName, gcValue); - } - - return genericConfiguration; - } - - - /** - * Returns the default chaining mode from the configuration. - * - * @return The default chaining mode. - */ - public String getDefaultChainingMode() { - String defaultChaining = - XPathUtils.getAttributeValue( - configElem_, - CHAINING_MODES_DEFAULT_XPATH, - CM_CHAINING); - - return translateChainingMode(defaultChaining); - - } - /** - * Build the chaining modes for all configured trust anchors. - * - * @return The mapping from trust anchors to chaining modes. - */ - public Map buildChainingModes() { - Map chainingModes = new HashMap(); - NodeIterator trustIter = - XPathUtils.selectNodeIterator(configElem_, TRUST_ANCHOR_XPATH); - Element trustAnchorElem; - - while ((trustAnchorElem = (Element) trustIter.nextNode()) != null) { - IssuerAndSerial issuerAndSerial = buildIssuerAndSerial(trustAnchorElem); - String mode = trustAnchorElem.getAttribute("mode"); - - if (issuerAndSerial != null) { - chainingModes.put(issuerAndSerial, translateChainingMode(mode)); - } - } - - return chainingModes; - } - - /** - * Build an <code>IssuerAndSerial</code> from the DOM representation. - * - * @param root The root element (being of type <code>dsig: - * X509IssuerSerialType</code>. - * @return The issuer and serial number contained in the <code>root</code> - * element or <code>null</code> if could not be built for any reason. - */ - protected IssuerAndSerial buildIssuerAndSerial(Element root) { - String issuer = XPathUtils.getElementValue(root, ISSUER_XPATH, null); - String serial = XPathUtils.getElementValue(root, SERIAL_XPATH, null); - - if (issuer != null && serial != null) { - try { - RFC2253NameParser nameParser = new RFC2253NameParser(issuer); - Principal issuerDN = nameParser.parse(); - - return new IssuerAndSerial(issuerDN, new BigInteger(serial)); - } catch (RFC2253NameParserException e) { - warn("config.09", new Object[] { issuer, serial }, e); - return null; - } catch (NumberFormatException e) { - warn("config.09", new Object[] { issuer, serial }, e); - return null; - } - } - return null; - } - - /** - * Translate the chaining mode from the configuration file to one used in the - * IAIK MOA API. - * - * @param chainingMode The chaining mode from the configuration. - * @return The chaining mode as provided by the <code>ChainingModes</code> - * interface. - * @see iaik.pki.pathvalidation.ChainingModes - */ - protected String translateChainingMode(String chainingMode) { - if (chainingMode.equals(CM_CHAINING)) { - return ChainingModes.CHAIN_MODE; - } else if (chainingMode.equals(CM_PKIX)) { - return ChainingModes.PKIX_MODE; - } else { - return ChainingModes.CHAIN_MODE; - } - } - - /** - * Builds the IdentityLinkDomainIdentifier as needed for providing it to the - * SecurityLayer for computation of the wbPK. - * <p>e.g.:<br> - * input element: - * <br> - * <code><pr:Firmenbuchnummer Identifier="FN">000468 i</pr:Firmenbuchnummer></code> - * <p> - * return value: <code>urn:publicid:gv.at+wbpk+FN468i</code> - * - * @param number The element holding the identification number of the business - * company. - * @return The domain identifier - */ - protected String buildIdentityLinkDomainIdentifier(Element number) { - if (number == null) { - return null; - } - String identificationNumber = number.getFirstChild().getNodeValue(); - String identifier = number.getAttribute("Identifier"); - // remove all blanks - identificationNumber = StringUtils.removeBlanks(identificationNumber); - if (number.getLocalName().equals("Firmenbuchnummer") || identifier.equalsIgnoreCase("fn") || identifier.equalsIgnoreCase("xfn")) { - // delete zeros from the beginning of the number - identificationNumber = StringUtils.deleteLeadingZeros(identificationNumber); - // remove hyphens - identificationNumber = StringUtils.removeToken(identificationNumber, "-"); - } - StringBuffer identityLinkDomainIdentifier = new StringBuffer(Constants.URN_PREFIX_WBPK); - identityLinkDomainIdentifier.append("+"); - if (!identificationNumber.startsWith(identifier)) { - identityLinkDomainIdentifier.append(identifier); - } - identityLinkDomainIdentifier.append("+"); - identityLinkDomainIdentifier.append(identificationNumber); - return identityLinkDomainIdentifier.toString(); - } - - /** - * Builds the parameters for verifying additional infoboxes (additional to the - * IdentityLink infobox). - * - * @param verifyInfoboxesElem The <code>VerifyInfoboxes</code> element from the - * config file. This maybe the global element or the - * elment from an Online application. - * @param defaultVerifyInfoboxParameters Default parameters to be used, if no - * <code>VerifyInfoboxes</code> element is present. - * This only applies to parameters - * of an specific online application and is set to - * <code>null</code> when building the global parameters. - * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating - * the identity link signer certificate. Needed for - * checking if this ID is not used for validating other - * infoboxes. - * - * @return A {@link at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters VerifyInfoboxParameters} - * object needed for verifying additional infoboxes. - * - * @throws ConfigurationException If the trust profile for validating the identity link - * signer certificate is used for validating another infobox. - */ - public VerifyInfoboxParameters buildVerifyInfoboxParameters( - Node verifyInfoboxesElem, - VerifyInfoboxParameters defaultVerifyInfoboxParameters, - String moaSpIdentityLinkTrustProfileID) - throws ConfigurationException - { - - if ((verifyInfoboxesElem == null) && (defaultVerifyInfoboxParameters == null)) { - return null; - } - Vector identifiers = new Vector(); - List defaultIdentifiers = null; - Map defaultInfoboxParameters = null; - if (defaultVerifyInfoboxParameters != null) { - defaultIdentifiers = defaultVerifyInfoboxParameters.getIdentifiers(); - defaultInfoboxParameters = defaultVerifyInfoboxParameters.getInfoboxParameters(); - } - Hashtable infoboxParameters = new Hashtable(); - if (verifyInfoboxesElem != null) { - // get the DefaultTrustProfileID - String defaultTrustProfileID = null; - Node defaultTrustProfileNode = - XPathUtils.selectSingleNode(verifyInfoboxesElem, VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH); - if (defaultTrustProfileNode != null) { - Node trustProfileIDNode = - XPathUtils.selectSingleNode(defaultTrustProfileNode, VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH); - defaultTrustProfileID = trustProfileIDNode.getFirstChild().getNodeValue(); - if (defaultTrustProfileID.equals(moaSpIdentityLinkTrustProfileID)) { - throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID}); - } - } - // get the Infoboxes - NodeList infoboxes = - XPathUtils.selectNodeList(verifyInfoboxesElem, VERIFY_INFOBOXES_INFOBOX_XPATH); - for (int i=0; i<infoboxes.getLength(); i++) { - Element infoBoxElem = (Element)infoboxes.item(i); - // get the identifier of the infobox - String identifier = infoBoxElem.getAttribute("Identifier"); - identifiers.add(identifier); - VerifyInfoboxParameter verifyInfoboxParameter = new VerifyInfoboxParameter(identifier); - verifyInfoboxParameter.setFriendlyName(identifier); - // get the attributes - // (1) required: override global value in any case - verifyInfoboxParameter.setRequired(BoolUtils.valueOf( - infoBoxElem.getAttribute("required"))); - // (2) provideStammzahl: override global value in any case - verifyInfoboxParameter.setProvideStammzahl(BoolUtils.valueOf( - infoBoxElem.getAttribute("provideStammzahl"))); - // (3) proviedIdentityLink: override global value in any case - verifyInfoboxParameter.setProvideIdentityLink(BoolUtils.valueOf( - infoBoxElem.getAttribute("provideIdentityLink"))); - // set default trustprofileID - if (defaultTrustProfileID != null) { - verifyInfoboxParameter.setTrustProfileID(defaultTrustProfileID); - } - // get the parameter elements - boolean localValidatorClass = false; - boolean localFriendlyName = false; - List params = DOMUtils.getChildElements(infoBoxElem); - Iterator it = params.iterator(); - while (it.hasNext()) { - Element paramElem = (Element)it.next(); - String paramName = paramElem.getLocalName(); - if (paramName.equals("FriendlyName")) { - verifyInfoboxParameter.setFriendlyName(paramElem.getFirstChild().getNodeValue()); - localFriendlyName = true; - } else if (paramName.equals("TrustProfileID")) { - String trustProfileID = paramElem.getFirstChild().getNodeValue(); - if (trustProfileID != null) { - if (trustProfileID.equals(moaSpIdentityLinkTrustProfileID)) { - throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID}); - } - verifyInfoboxParameter.setTrustProfileID(trustProfileID); - } - } else if (paramName.equals("ValidatorClass")) { - String validatorClassName = paramElem.getFirstChild().getNodeValue(); - if (validatorClassName != null) { - verifyInfoboxParameter.setValidatorClassName(validatorClassName); - localValidatorClass = true; - } - } else if (paramName.equals("SchemaLocations")) { - List schemaElems = DOMUtils.getChildElements(paramElem); - List schemaLocations = new Vector(schemaElems.size()); - Iterator schemaIterator = schemaElems.iterator(); - while (schemaIterator.hasNext()) { - Element schemaElem = (Element)schemaIterator.next(); - String namespace = schemaElem.getAttribute("namespace"); - String schemaLocation = schemaElem.getAttribute("schemaLocation"); - // avoid adding the same schema twice - Iterator schemaLocationIterator = schemaLocations.iterator(); - boolean add = true; - while (schemaLocationIterator.hasNext()) { - String existingNamespace = ((Schema)schemaLocationIterator.next()).getNamespace(); - if (namespace.equals(existingNamespace)) { - Logger.warn("Multiple schemas specified for namespace \"" + namespace + - "\"; only using the first one."); - add = false; - break; - } - } - if (add) { - schemaLocations.add(new SchemaImpl(namespace, schemaLocation)); - } - } - verifyInfoboxParameter.setSchemaLocations(schemaLocations); - } else if (paramName.equals("ApplicationSpecificParameters")) { - verifyInfoboxParameter.setApplicationSpecificParams(paramElem); - } else if (paramName.equals("ParepSpecificParameters")) { - verifyInfoboxParameter.appendParepSpecificParams(paramElem); - } - } - // use default values for those parameters not yet set by local configuration - if (defaultInfoboxParameters != null) { - Object defaultVerifyIP = defaultInfoboxParameters.get(identifier); - if (defaultVerifyIP != null) { - VerifyInfoboxParameter defaultVerifyInfoboxParameter = - (VerifyInfoboxParameter)defaultVerifyIP; - // if no friendly is set, use default - if (!localFriendlyName) { - verifyInfoboxParameter.setFriendlyName( - defaultVerifyInfoboxParameter.getFriendlyName()); - } - // if no TrustProfileID is set, use default, if available - if (verifyInfoboxParameter.getTrustProfileID() == null) { - verifyInfoboxParameter.setTrustProfileID( - defaultVerifyInfoboxParameter.getTrustProfileID()); - } - // if no local validator class is set, use default - if (!localValidatorClass) { - verifyInfoboxParameter.setValidatorClassName( - defaultVerifyInfoboxParameter.getValidatorClassName()); - } - // if no schema locations set, use default - if (verifyInfoboxParameter.getSchemaLocations() == null) { - verifyInfoboxParameter.setSchemaLocations( - defaultVerifyInfoboxParameter.getSchemaLocations()); - } - // if no application specific parameters set, use default - if (verifyInfoboxParameter.getApplicationSpecificParams() == null) { - verifyInfoboxParameter.setApplicationSpecificParams( - defaultVerifyInfoboxParameter.getApplicationSpecificParams()); - } - } - } - infoboxParameters.put(identifier, verifyInfoboxParameter); - } - // add the infobox identifiers not present within the local configuration to the - // identifier list - if (defaultIdentifiers != null) { - Iterator identifierIterator = defaultIdentifiers.iterator(); - while (identifierIterator.hasNext()) { - String defaultIdentifier = (String)identifierIterator.next(); - if (!identifiers.contains(defaultIdentifier)) { - identifiers.add(defaultIdentifier); - } - } - } - return new VerifyInfoboxParameters(identifiers, infoboxParameters); - } else { - return new VerifyInfoboxParameters(defaultIdentifiers, infoboxParameters); - } - } - - /** - * Creates a SignatureCreationParameter object from the MOA-ID configuration - * This configuration object contains KeyStore and Key data for signature creation (STORK SAML Signature Creation). - * - * @return KeyStore and Key data for signature creation (STORK SAML Signature Creation) - */ - public SignatureCreationParameter buildSTORKSignatureCreationParameter() { - - Logger.debug("Loading STORK signature creation parameters."); - - Element signatureCreationParameterElement = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER); - if (signatureCreationParameterElement == null) { - Logger.debug("No STORK signature parameters found, " + AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER + "is missing."); - return null; - } - - SignatureCreationParameter signatureCreationParameter = new SignatureCreationParameter(); - - Element keyStoreElement = (Element)XPathUtils.selectSingleNode(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE); - if (keyStoreElement==null) { - Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE + "is missing."); - return null; - } - - Element keyNameElement = (Element)XPathUtils.selectSingleNode(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME); - if (keyNameElement==null) { - Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME + "is missing."); - return null; - } - - String keyStorePath = DOMUtils.getText(keyStoreElement); - if (StringUtils.isEmpty(keyStorePath)) { - Logger.error("No KeyStorePath for STORK SAML Signing Certificate provided!"); - return null; - } - signatureCreationParameter.setKeyStorePath(FileUtils.makeAbsoluteURL(keyStorePath, rootConfigFileDir_)); - Logger.trace("Found KeyStorePath for STORK SAML Signing Certificate: " + keyStorePath); - - String keyStorePassword = XPathUtils.getAttributeValue(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD, ""); - signatureCreationParameter.setKeyStorePassword(keyStorePassword); - - String keyName = DOMUtils.getText(keyNameElement); - if (StringUtils.isEmpty(keyName)) { - Logger.warn(AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD + "is missing."); - return null; - } - signatureCreationParameter.setKeyName(keyName); - Logger.trace("Found KeyName for STORK SAML Signing Certificate: " + keyName); - - String keyPassword = XPathUtils.getAttributeValue(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME_PASSWORD, ""); - signatureCreationParameter.setKeyPassword(keyPassword); - - Logger.info("STORK signature creation parameters loaded."); - - return signatureCreationParameter; - - } - - /** - * Method warn. - * @param messageId to identify a country-specific message - * @param parameters for the logger - */ - // - // various utility methods - // - - protected static void warn(String messageId, Object[] parameters) { - Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); - } - - /** - * Method warn. - * @param messageId to identify a country-specific message - * @param args for the logger - * @param t as throwabl - */ - protected static void warn(String messageId, Object[] args, Throwable t) { - Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, args), t); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java deleted file mode 100644 index ab1cd6c2e..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java +++ /dev/null @@ -1,154 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -import at.gv.egovernment.moa.id.config.ConnectionParameterInterface; - -/** - * This bean class is used to store data for various connectionParameter - * within the MOA-ID configuration - * - * @author Stefan Knirsch - * @version $Id$ - */ -public class ConnectionParameter implements ConnectionParameterInterface{ - - /** - * Server URL - */ - private String url; - /** - * File URL for a directory containing PKCS#12 server SSL certificates. - * From these certificates, a X509 trust store will be assembled for use - * by a JSSE <code>TrustManager</code>. - * This field will only be used in case of an HTTPS URL. - */ - private String acceptedServerCertificates; - /** - * File URL of a X509 key store containing the private key to be used - * for an HTTPS connection when the server requires client authentication. - * This field will only be used in case of an HTTPS URL. - */ - private String clientKeyStore; - /** - * Password protecting the client key store. - */ - private String clientKeyStorePassword; - - /** - * Checks whether the URL scheme is <code>"https"</code>. - * @return true in case of an URL starting with <code>"https"</code> - */ - public boolean isHTTPSURL() { - return getUrl().indexOf("https") == 0; - } - - /** - * Returns the url. - * @return String - */ - public String getUrl() { - return url; - } - - /** - * Returns the acceptedServerCertificates. - * @return String - */ - public String getAcceptedServerCertificates() { - return acceptedServerCertificates; - } - - /** - * Sets the acceptedServerCertificates. - * @param acceptedServerCertificates The acceptedServerCertificates to set - */ - public void setAcceptedServerCertificates(String acceptedServerCertificates) { - this.acceptedServerCertificates = acceptedServerCertificates; - } - - /** - * Sets the url. - * @param url The url to set - */ - public void setUrl(String url) { - this.url = url; - } - - /** - * Returns the clientKeyStore. - * @return String - */ - public String getClientKeyStore() { - return clientKeyStore; - } - - /** - * Returns the clientKeyStorePassword. - * @return String - */ - public String getClientKeyStorePassword() { - return clientKeyStorePassword; - } - - /** - * Sets the clientKeyStore. - * @param clientKeyStore The clientKeyStore to set - */ - public void setClientKeyStore(String clientKeyStore) { - this.clientKeyStore = clientKeyStore; - } - - /** - * Sets the clientKeyStorePassword. - * @param clientKeyStorePassword The clientKeyStorePassword to set - */ - public void setClientKeyStorePassword(String clientKeyStorePassword) { - this.clientKeyStorePassword = clientKeyStorePassword; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java deleted file mode 100644 index 6bdbd38d8..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java +++ /dev/null @@ -1,464 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -/** - * Configuration parameters belonging to an online application, - * to use with the MOA ID Auth component. - * - * @author Stefan Knirsch - * @version $Id$ - */ -/** - * - * - * @author Harald Bratko - */ -public class OAAuthParameter extends OAParameter { - /** - * Sercurity Layer version - */ - private String slVersion; - /** - * true, if the Security Layer version is version 1.2, otherwise false - */ - private boolean slVersion12; - /** - * identityLinkDomainIdentifier - * (e.g <code>urn:publicid:gv.at+wbpk+FN468i</code> for a "Firmenbuchnummer") - * <br> - * only used within a business application context for providing it to the - * security layer as input for wbPK computation - */ - private String identityLinkDomainIdentifier; - /** - * key box Identifier (e.g. CertifiedKeypair, SecureSignatureKeypair) - */ - private String keyBoxIdentifier; - /** - * transformations for rendering in the secure viewer of the security layer - * implementation; multiple transformation can be given for different mime types - */ - private String[] transformsInfos; - /** - * determines whether "Stammzahl" is to be included in the authentication data - */ - private boolean provideStammzahl; - /** - * determines whether AUTH block is to be included in the authentication data - */ - private boolean provideAuthBlock; - /** - * determines whether identity link is to be included in the authentication data - */ - private boolean provideIdentityLink; - /** - * determines whether the certificate is to be included in the authentication data - */ - private boolean provideCertificate; - /** - * determines whether the full mandator data (i.e. the mandate) is to be included in the authentication data - */ - private boolean provideFullMandatorData; - - /** determines wheter the IssueInstant of the SAML assertion is in UTC or not*/ - private boolean useUTC; - - /** determines wheter a saml:Condition is added to the SAML assertion or not */ - private boolean useCondition; - - /** determines the validity time of the SAML assertion (if useCondition is true) in seconds */ - private int conditionLength; - /** - * url to a template for web page "Auswahl der Bürgerkartenumgebung" - */ - private String bkuSelectionTemplateURL; - /** - * template for web page "Anmeldung mit Bürgerkarte" - */ - private String templateURL; - - /** - * template for web page "Signatur der Anmeldedaten" - */ - private String inputProcessorSignTemplateURL; - /** - * Parameters for verifying infoboxes. - */ - private VerifyInfoboxParameters verifyInfoboxParameters; - - /** - * Parameter for Mandate profiles - */ - private String mandateProfiles; - - /** - * - * Type for authentication number (e.g. Firmenbuchnummer) - */ - private String identityLinkDomainIdentifierType; - -/** - * Returns <code>true</code> if the Security Layer version is version 1.2, - * otherwise <code>false</code>. - * @return <code>true</code> if the Security Layer version is version 1.2, - * otherwise <code>false</code> - */ - public boolean getSlVersion12() { - return slVersion12; - } - - /** - * Returns the security layer version. - * @return the security layer version. - */ - public String getSlVersion() { - return slVersion; - } - - /** - * Returns the identityLinkDomainIdentifier. - * @return the identityLinkDomainIdentifier. - */ - public String getIdentityLinkDomainIdentifier() { - return identityLinkDomainIdentifier; - } - - /** - * Returns the transformsInfos. - * @return the transformsInfos. - */ - public String[] getTransformsInfos() { - return transformsInfos; - } - - /** - * Returns the provideAuthBlock. - * @return String - */ - public boolean getProvideAuthBlock() { - return provideAuthBlock; - } - - /** - * Returns the provideIdentityLink. - * @return String - */ - public boolean getProvideIdentityLink() { - return provideIdentityLink; - } - - /** - * Returns the provideStammzahl. - * @return String - */ - public boolean getProvideStammzahl() { - return provideStammzahl; - } - - /** - * Returns <code>true</code> if the certificate should be provided within the - * authentication data, otherwise <code>false</code>. - * @return <code>true</code> if the certificate should be provided, - * otherwise <code>false</code> - */ - public boolean getProvideCertifcate() { - return provideCertificate; - } - - /** - * Returns <code>true</code> if the full mandator data should be provided within the - * authentication data, otherwise <code>false</code>. - * @return <code>true</code> if the full mandator data should be provided, - * otherwise <code>false</code> - */ - public boolean getProvideFullMandatorData() { - return provideFullMandatorData; - } - - /** - * Returns <code>true</code> if the IssueInstant should be given in UTC, otherwise <code>false</code>. - * @return <code>true</code> if the IssueInstant should be given in UTC, otherwise <code>false</code>. - */ - public boolean getUseUTC() { - return useUTC; - } - - /** - * Returns <code>true</code> if the SAML assertion should contain a saml:Condition, otherwise <code>false</code>. - * @return <code>true</code> if the SAML assertion should contain a saml:Condition, otherwise <code>false</code>. - */ - public boolean getUseCondition() { - return useCondition; - } - - /** - * Returns the validity time of the SAML assertion (if useCondition is true) in seconds - * @return the validity time of the SAML assertion (if useCondition is true) in seconds - */ - public int getConditionLength() { - return conditionLength; - } - - -/** - * Returns the key box identifier. - * @return String - */ - public String getKeyBoxIdentifier() { - return keyBoxIdentifier; - } - - /** - * Returns the BkuSelectionTemplate url. - * @return The BkuSelectionTemplate url or <code>null</code> if no url for - * a BkuSelectionTemplate is set. - */ - public String getBkuSelectionTemplateURL() { - return bkuSelectionTemplateURL; - } - - /** - * Returns the TemplateURL url. - * @return The TemplateURL url or <code>null</code> if no url for - * a Template is set. - */ - public String getTemplateURL() { - return templateURL; - } - - - /** - * Returns the inputProcessorSignTemplateURL url. - * @return The inputProcessorSignTemplateURL url or <code>null</code> if no url for - * a input processor sign template is set. - */ - public String getInputProcessorSignTemplateURL() { - return inputProcessorSignTemplateURL; - } - - /** - * Returns the parameters for verifying additional infoboxes. - * - * @return The parameters for verifying additional infoboxes. - * Maybe <code>null</code>. - */ - public VerifyInfoboxParameters getVerifyInfoboxParameters() { - return verifyInfoboxParameters; - } - - /** - * Sets the security layer version. - * Also sets <code>slVersion12</code> ({@link #getSlVersion12()}) - * to <code>true</code> if the Security Layer version is 1.2. - * @param slVersion The security layer version to be used. - */ - public void setSlVersion(String slVersion) { - this.slVersion = slVersion; - if ("1.2".equals(slVersion)) { - this.slVersion12 = true; - } - } - /** - * Sets the IdentityLinkDomainIdentifier. - * @param identityLinkDomainIdentifier The IdentityLinkDomainIdentifiern number of the online application. - */ - public void setIdentityLinkDomainIdentifier(String identityLinkDomainIdentifier) { - this.identityLinkDomainIdentifier = identityLinkDomainIdentifier; - } - /** - * Sets the transformsInfos. - * @param transformsInfos The transformsInfos to be used. - */ - public void setTransformsInfos(String[] transformsInfos) { - this.transformsInfos = transformsInfos; - } - - -/** - * Sets the provideAuthBlock. - * @param provideAuthBlock The provideAuthBlock to set - */ - public void setProvideAuthBlock(boolean provideAuthBlock) { - this.provideAuthBlock = provideAuthBlock; - } - - /** - * Sets the provideIdentityLink. - * @param provideIdentityLink The provideIdentityLink to set - */ - public void setProvideIdentityLink(boolean provideIdentityLink) { - this.provideIdentityLink = provideIdentityLink; - } - - /** - * Sets the provideStammzahl. - * @param provideStammzahl The provideStammzahl to set - */ - public void setProvideStammzahl(boolean provideStammzahl) { - this.provideStammzahl = provideStammzahl; - } - - /** - * Sets the provideCertificate variable. - * @param provideCertificate The provideCertificate value to set - */ - public void setProvideCertificate(boolean provideCertificate) { - this.provideCertificate = provideCertificate; - } - - /** - * Sets the provideFullMandatorData variable. - * @param provideFullMandatorData The provideFullMandatorData value to set - */ - public void setProvideFullMandatorData(boolean provideFullMandatorData) { - this.provideFullMandatorData = provideFullMandatorData; - } - - /** - * Sets the useUTC variable. - * @param useUTC The useUTC value to set - */ - public void setUseUTC(boolean useUTC) { - this.useUTC = useUTC; - } - - /** - * Sets the useCondition variable - * @param useCondition The useCondition value to set - */ - public void setUseCondition(boolean useCondition) { - this.useCondition = useCondition; - } - - /** - * Sets the conditionLength variable - * @param conditionLength the conditionLength value to set - */ - public void setConditionLength(int conditionLength) { - this.conditionLength = conditionLength; - } - - - /** - * Sets the key box identifier. - * @param keyBoxIdentifier to set - */ - public void setKeyBoxIdentier(String keyBoxIdentifier) { - this.keyBoxIdentifier = keyBoxIdentifier; - } - - /** - * Sets the BkuSelectionTemplate url. - * @param bkuSelectionTemplateURL The url string specifying the location - * of a BkuSelectionTemplate. - */ - public void setBkuSelectionTemplateURL(String bkuSelectionTemplateURL) { - this.bkuSelectionTemplateURL = bkuSelectionTemplateURL; - } - - /** - * Sets the Template url. - * @param templateURL The url string specifying the location - * of a Template. - */ - public void setTemplateURL(String templateURL) { - this.templateURL = templateURL; - } - - /** - * Sets the input processor sign form template url. - * - * @param inputProcessorSignTemplateURL The url string specifying the - * location of the input processor sign form - */ - public void setInputProcessorSignTemplateURL(String inputProcessorSignTemplateURL) { - this.inputProcessorSignTemplateURL = inputProcessorSignTemplateURL; - } - - /** - * Sets the parameters for verifying additonal (to the identitylink infobox) infoboxes. - * - * @param verifyInfoboxParameters The verifyInfoboxParameters to set. - */ - public void setVerifyInfoboxParameters(VerifyInfoboxParameters verifyInfoboxParameters) { - this.verifyInfoboxParameters = verifyInfoboxParameters; - } - - /** - * Gets the IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer) - * @return IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer) - */ - public String getIdentityLinkDomainIdentifierType() { - return identityLinkDomainIdentifierType; - } - - /** - * Sets the IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer) - * @param identityLinkDomainIdentifierType The IdentityLinkDomainIdentifier to set (e.g. Firmenbuchnummer) - */ - public void setIdentityLinkDomainIdentifierType(String identityLinkDomainIdentifierType) { - this.identityLinkDomainIdentifierType = identityLinkDomainIdentifierType; - } - - /** - * Sets the Mandate/Profiles - * @param profiles - */ - public void setMandateProfiles(String profiles) { - this.mandateProfiles = profiles; - } - - /** - * Returns the Mandates/Profiles - * @return - */ - public String getMandateProfiles() { - return this.mandateProfiles; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java deleted file mode 100644 index 2a4d68726..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java +++ /dev/null @@ -1,186 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -/** - * Configuration parameters belonging to an online application, - * to be used within both, the MOA ID Auth and the - * MOA ID PROXY component. - * - * @author Harald Bratko - */ -public class OAParameter { - - /** - * type of the online application (maybe "PublicService" or "BusinessService") - */ - private String oaType; - - /** - * specifies whether the online application is a business application or not - * (<code>true</code> if value of {@link #oaType} is "businessService" - */ - private boolean businessService; - - /** - * public URL prefix of the online application - */ - private String publicURLPrefix; - - /** - * specifies a human readable name of the Online Application - */ - private String friendlyName; - - /** - * specified a specific target for the Online Application (overwrites the target in der request) - */ - private String target; - /** - * specifies a friendly name for the target - */ - private String targetFriendlyName; - - /** - * Returns the type of the online application. - * @return the type of the online application. - */ - public String getOaType() { - return oaType; - } - - /** - * Returns <code>true</code> is the OA is a businss application, otherwise - * <code>false</code>. - * @return <code>true</code> is the OA is a businss application, otherwise - * <code>false</code> - */ - public boolean getBusinessService() { - return this.businessService; - } - - /** - * Returns the publicURLPrefix. - * @return String - */ - public String getPublicURLPrefix() { - return publicURLPrefix; - } - - /** - * - * Sets the type of the online application. - * If the type is "businessService" the value of <code>businessService</code> - * ({@link #getBusinessService()}) is also set to <code>true</code> - * @param oaType The type of the online application. - */ - public void setOaType(String oaType) { - this.oaType = oaType; - if ("businessService".equalsIgnoreCase(oaType)) { - this.businessService = true; - } - } - - /** - * Sets the publicURLPrefix. - * @param publicURLPrefix The publicURLPrefix to set - */ - public void setPublicURLPrefix(String publicURLPrefix) { - this.publicURLPrefix = publicURLPrefix; - } - - - /** - * Gets the friendly name of the OA - * @return Friendly Name of the OA - */ - public String getFriendlyName() { - return friendlyName; - } - - /** - * Sets the friendly name of the OA - * @param friendlyName - */ - public void setFriendlyName(String friendlyName) { - this.friendlyName = friendlyName; - } - - /** - * Gets the target of the OA - * @return target of the OA - */ - public String getTarget() { - return target; - } - - /** - * Sets the target of the OA - * @param target - */ - public void setTarget(String target) { - this.target = target; - } - - /** - * Gets the target friendly name of the OA - * @return target Friendly Name of the OA - */ - public String getTargetFriendlyName() { - return targetFriendlyName; - } - - /** - * Sets the target friendly name of the OA - * @param targetFriendlyName - */ - public void setTargetFriendlyName(String targetFriendlyName) { - this.targetFriendlyName = targetFriendlyName; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java deleted file mode 100644 index 4666122d2..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java +++ /dev/null @@ -1,112 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/** - * - */ -package at.gv.egovernment.moa.id.config.legacy; - -import java.util.HashMap; -import java.util.Map; - -import at.gv.egovernment.moa.util.StringUtils; - -/** - * Encapsulates several STORK configuration parameters according MOA configuration - * - * @author bzwattendorfer - * - */ -public class STORKConfig { - - /** STORK SAML signature creation parameters */ - private SignatureCreationParameter signatureCreationParameter; - - /** STORK SAML signature verification parameters */ - private SignatureVerificationParameter signatureVerificationParameter; - - /** Map of supported C-PEPSs */ - private Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>(); - - - /** - * Constructs a STORK Config object - * @param signatureCreationParameter STORK SAML Signature creation parameters - * @param signatureVerificationParameter STORK SAML Signature verification parameters - * @param cpepsMap Map of supported C-PEPS - */ - public STORKConfig(SignatureCreationParameter signatureCreationParameter, - SignatureVerificationParameter signatureVerificationParameter, - Map<String, CPEPS> cpepsMap) { - super(); - this.signatureCreationParameter = signatureCreationParameter; - this.signatureVerificationParameter = signatureVerificationParameter; - this.cpepsMap = cpepsMap; - } - - public SignatureCreationParameter getSignatureCreationParameter() { - return signatureCreationParameter; - } - - public void setSignatureCreationParameter( - SignatureCreationParameter signatureCreationParameter) { - this.signatureCreationParameter = signatureCreationParameter; - } - - public SignatureVerificationParameter getSignatureVerificationParameter() { - return signatureVerificationParameter; - } - - public void setSignatureVerificationParameter( - SignatureVerificationParameter signatureVerificationParameter) { - this.signatureVerificationParameter = signatureVerificationParameter; - } - - public Map<String, CPEPS> getCpepsMap() { - return cpepsMap; - } - - public void setCpepsMap(Map<String, CPEPS> cpepsMap) { - this.cpepsMap = cpepsMap; - } - - public boolean isSTORKAuthentication(String ccc) { - - if (StringUtils.isEmpty(ccc) || this.cpepsMap.isEmpty()) - return false; - - if (this.cpepsMap.containsKey(ccc.toUpperCase())) - return true; - else - return false; - - } - - public CPEPS getCPEPS(String ccc) { - if (isSTORKAuthentication(ccc)) - return this.cpepsMap.get(ccc); - else - return null; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java deleted file mode 100644 index 69d4889af..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java +++ /dev/null @@ -1,134 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.gv.egovernment.moa.id.config.legacy; - -/** - * Encapsulates signature creation parameters according MOA configuration - * - * @author bzwattendorfer - * - */ -public class SignatureCreationParameter { - - /** KeyStore Path */ - private String keyStorePath; - - /** KeyStore Password */ - private String keyStorePassword; - - /** Signing Key Name */ - private String keyName; - - /** Signing Key Password */ - private String keyPassword; - - /** - * Gets the KeyStore Path - * @return File Path to KeyStore - */ - public String getKeyStorePath() { - return keyStorePath; - } - - /** - * Sets the KeyStore Path - * @param keyStorePath Path to KeyStore - */ - public void setKeyStorePath(String keyStorePath) { - this.keyStorePath = keyStorePath; - } - - /** - * Gets the KeyStore Password - * @return Password to KeyStore - */ - public String getKeyStorePassword() { - return keyStorePassword; - } - - /** - * Sets the KeyStore Password - * @param keyStorePassword Password to KeyStore - */ - public void setKeyStorePassword(String keyStorePassword) { - this.keyStorePassword = keyStorePassword; - } - - /** - * Gets the Signing Key Name - * @return Siging Key Name - */ - public String getKeyName() { - return keyName; - } - - /** - * Sets the Signing Key Name - * @param keyName Signing Key Name - */ - public void setKeyName(String keyName) { - this.keyName = keyName; - } - - /** - * Gets the Signing Key Password - * @return Signing Key Password - */ - public String getKeyPassword() { - return keyPassword; - } - - /** - * Sets the Signing Key Password - * @param keyPassword Signing Key Password - */ - public void setKeyPassword(String keyPassword) { - this.keyPassword = keyPassword; - } - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java deleted file mode 100644 index 9358d763f..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java +++ /dev/null @@ -1,57 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/** - * - */ -package at.gv.egovernment.moa.id.config.legacy; - -/** - * Encapsulates Signature Verification data for STORK according MOA configuration - * - * @author bzwattendorfer - * - */ -public class SignatureVerificationParameter { - - /** ID of the MOA-SP TrustProfile to be used for STORK SAML signature verification */ - private String trustProfileID; - - /** - * Gets the MOA-SP TrustProfileID - * @return TrustProfileID of MOA-SP for STORK signature verification - */ - public String getTrustProfileID() { - return trustProfileID; - } - - /** - * Sets the MOA-SP TrustProfileID - * @param trustProfileID TrustProfileID of MOA-SP for STORK signature verification - */ - public void setTrustProfileID(String trustProfileID) { - this.trustProfileID = trustProfileID; - } - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java deleted file mode 100644 index 6f00a7b9c..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java +++ /dev/null @@ -1,433 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -import java.io.IOException; -import java.util.Iterator; -import java.util.List; - -import javax.xml.transform.TransformerException; - -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -import at.gv.egovernment.moa.id.auth.data.Schema; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.StringUtils; - -/** - * This class is a container for parameters that maybe needed for verifying an infobox. - * - * @author Harald Bratko - */ -public class VerifyInfoboxParameter { - - /** - * The default package name (first part) of a infobox validator class. - */ - public static final String DEFAULT_PACKAGE_TRUNK = "at.gv.egovernment.moa.id.auth.validator."; - - /** - * The identifier of the infobox to be verified. This identifier must exactly the - * identifier of the infobox returned by BKU. - */ - protected String identifier_; - - /** - * The friendly name of the infobox. - * This name is used within browser messages, thus it should be the german equivalent of - * the {@link #identifier_ infobox identifier} (e.g. "<code>Stellvertretungen</code>" - * for "<code>Mandates</code>" or "<code>GDAToken</code>" for - * "<code>EHSPToken</code>". - * <br>If not specified within the config file the {@link #identifier_ infobox identifier} - * will be used. - */ - protected String friendlyName_; - - /** - * The Id of the TrustProfile to be used for validating certificates. - */ - protected String trustProfileID_; - - /** - * The full name of the class to be used for verifying the infobox. - */ - protected String validatorClassName_; - - /** - * Schema location URIs that may be needed by the - * validator to parse infobox tokens. - * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} - * specifying the location of an XML schema. - */ - protected List schemaLocations_; - - /** - * Application specific parameters that may be needed for verifying an infobox. - */ - protected Element applicationSpecificParams_; - - /** - * Specifies if the infobox is be required to be returned by the BKU. - */ - protected boolean required_; - - /** - * Specifies whether the <code>Stammzahl</code> should be passed to the verifying - * application or not. - */ - protected boolean provideStammzahl_; - - /** - * Specifies whether the <code>identity link</code> should be passed to the verifying - * application or not. - */ - protected boolean provideIdentityLink_; - - /** - * Initializes this VerifiyInfoboxParamater with the given identifier and a default - * validator class name. - * - * @param identifier The identifier of the infobox to be verified. - */ - public VerifyInfoboxParameter(String identifier) { - identifier_ = identifier; - StringBuffer sb = new StringBuffer(DEFAULT_PACKAGE_TRUNK); - sb.append(identifier.toLowerCase()); - sb.append("."); - sb.append(identifier.substring(0, 1).toUpperCase()); - sb.append(identifier.substring(1)); - sb.append("Validator"); - validatorClassName_ = sb.toString(); - } - - /** - * Returns application specific parameters. - * Each child element of this element contains a verifying application specific parameter. {@link #applicationSpecificParams_} - * - * @see #applicationSpecificParams_ - * - * @return Application specific parameters. - */ - public Element getApplicationSpecificParams() { - return applicationSpecificParams_; - } - - /** - * Sets the application specific parameters. - * - * @see #applicationSpecificParams_ - * - * @param applicationSpecificParams The application specific parameters to set. - */ - public void setApplicationSpecificParams(Element applicationSpecificParams) { - applicationSpecificParams_ = applicationSpecificParams; - } - - /** - * Appends special application specific parameters for party representation. - * - * @param applicationSpecificParams The application specific parameters for party representation to set. - */ - public void appendParepSpecificParams(Element applicationSpecificParams) { - try { - if (applicationSpecificParams_==null) { - applicationSpecificParams_ = applicationSpecificParams.getOwnerDocument().createElement("ApplicationSpecificParameters"); - } - Element nameSpaceNode = applicationSpecificParams.getOwnerDocument().createElement("NameSpaceNode"); - nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI); - NodeList nodeList = XPathAPI.selectNodeList(applicationSpecificParams, "*", nameSpaceNode); - if (null!=nodeList) { - for (int i=0; i<nodeList.getLength(); i++) { - applicationSpecificParams_.appendChild((Node) nodeList.item(i)); - } - } - } catch (TransformerException e) { - //Do nothing - } - } - - /** - * Returns the friendly name. - * - * @see #friendlyName_ - * - * @return The friendly name. - */ - public String getFriendlyName() { - return friendlyName_; - } - - /** - * Sets the friendly name. - * - * @param friendlyName The friendly name to set. - */ - public void setFriendlyName(String friendlyName) { - friendlyName_ = friendlyName; - } - - /** - * Returns the infobox identifier. - * - * @see #identifier_ - * - * @return The infobox identifier. - */ - public String getIdentifier() { - return identifier_; - } - - /** - * Sets the the infobox identifier. - * - * @see #identifier_ - * - * @param identifier The infobox identifier to set. - */ - public void setIdentifier(String identifier) { - identifier_ = identifier; - } - - /** - * Specifies whether the identity link should be passed to the verifying application - * or not. - * - * @return <code>True</code> if the identity link should be passed to the verifying - * application, otherwise <code>false</code>. - */ - public boolean getProvideIdentityLink() { - return provideIdentityLink_; - } - - /** - * Sets the {@link #provideIdentityLink_} parameter. - * - * @param provideIdentityLink <code>True</code> if the identity link should be passed to - * the verifying application, otherwise <code>false</code>. - */ - public void setProvideIdentityLink(boolean provideIdentityLink) { - provideIdentityLink_ = provideIdentityLink; - } - - /** - * Specifies whether the <code>Stammzahl</code> should be passed to the verifying - * application or not. - * - * @return <code>True</code> if the <code>Stammzahl</code> should be passed to the - * verifying application, otherwise <code>false</code>. - */ - public boolean getProvideStammzahl() { - return provideStammzahl_; - } - - /** - * Sets the {@link #provideStammzahl_} parameter. - * - * @param provideStammzahl <code>True</code> if the <code>Stammzahl</code> should be - * passed to the verifying application, otherwise <code>false</code>. - */ - public void setProvideStammzahl(boolean provideStammzahl) { - provideStammzahl_ = provideStammzahl; - } - - /** - * Specifies whether the infobox is required or not. - * - * @return <code>True</code> if the infobox is required to be returned by the BKU, - * otherwise <code>false</code>. - */ - public boolean isRequired() { - return required_; - } - - /** - * Sets the {@link #required_} parameter. - * - * @param required <code>True</code> if the infobox is required to be returned by the - * BKU, otherwise <code>false</code>. - */ - public void setRequired(boolean required) { - required_ = required; - } - - /** - * Schema location URIs that may be needed by the - * validator to parse infobox tokens. - * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} - * specifying the location of an XML schema. - * - * @return A list of {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} objects - * each of them specifying the location of an XML schema. - */ - public List getSchemaLocations() { - return schemaLocations_; - } - - /** - * Sets the schema locations. - * - * @see #schemaLocations_ - * - * @param schemaLocations The schema location list to be set. - */ - public void setSchemaLocations(List schemaLocations) { - schemaLocations_ = schemaLocations; - } - - /** - * Returns the ID of the trust profile to be used for verifying certificates. - * - * @return The ID of the trust profile to be used for verifying certificates. - * Maybe <code>null</code>. - */ - public String getTrustProfileID() { - return trustProfileID_; - } - - /** - * Sets the ID of the trust profile to be used for verifying certificates. - * - * @param trustProfileID The ID of the trust profile to be used for verifying certificates. - */ - public void setTrustProfileID(String trustProfileID) { - trustProfileID_ = trustProfileID; - } - - /** - * Returns the name of the class to be used for verifying this infobox. - * - * @return The name of the class to be used for verifying this infobox. - */ - public String getValidatorClassName() { - return validatorClassName_; - } - - /** - * Sets the name of the class to be used for verifying this infobox. - * - * @param validatorClassName The name of the class to be used for verifying this infobox. - */ - public void setValidatorClassName(String validatorClassName) { - validatorClassName_ = validatorClassName; - } - - /** - * Get a string representation of this object. - * This method is for debugging purposes only. - * - * @return A string representation of this object. - */ - public String toString() { - - StringBuffer buffer = new StringBuffer(1024); - - buffer.append(" <Infobox Identifier=\""); - buffer.append(identifier_); - buffer.append("\" required=\""); - buffer.append(required_); - buffer.append("\" provideStammzahl=\""); - buffer.append(provideStammzahl_); - buffer.append("\" provideIdentityLink=\""); - buffer.append(provideIdentityLink_); - buffer.append("\">"); - buffer.append("\n"); - if (friendlyName_ != null) { - buffer.append(" <FriendlyName>"); - buffer.append(friendlyName_); - buffer.append("</FriendlyName>"); - buffer.append("\n"); - } - if (trustProfileID_ != null) { - buffer.append(" <TrustProfileID>"); - buffer.append(trustProfileID_); - buffer.append("</TrustProfileID>"); - buffer.append("\n"); - } - if (validatorClassName_ != null) { - buffer.append(" <ValidatorClass>"); - buffer.append(validatorClassName_); - buffer.append("</ValidatorClass>"); - buffer.append("\n"); - } - if (schemaLocations_ != null) { - buffer.append(" <SchemaLocations>"); - buffer.append("\n"); - Iterator it = schemaLocations_.iterator(); - while (it.hasNext()) { - buffer.append(" <Schema namespace=\""); - Schema schema = (Schema)it.next(); - buffer.append(schema.getNamespace()); - buffer.append("\" schemaLocation=\""); - buffer.append(schema.getSchemaLocation()); - buffer.append("\"/>\n"); - } - buffer.append(" </SchemaLocations>"); - buffer.append("\n"); - } - if (applicationSpecificParams_ != null) { - try { - String applicationSpecificParams = DOMUtils.serializeNode(applicationSpecificParams_); - buffer.append(" "); - buffer.append(StringUtils.removeXMLDeclaration(applicationSpecificParams)); - buffer.append("\n"); - } catch (TransformerException e) { - // do nothing - } catch (IOException e) { - // do nothing - } - } - buffer.append(" </Infobox>"); - - - return buffer.toString() ; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java deleted file mode 100644 index b7a6b42be..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java +++ /dev/null @@ -1,181 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -import java.util.Hashtable; -import java.util.Iterator; -import java.util.List; -import java.util.Map; - -/** - * This class contains the parameters for verifying all the infoboxes configured for an - * online application. - * - * @author Harald Bratko - */ -public class VerifyInfoboxParameters { - - /** - * A map of {@link VerifyInfoboxParameter} objects. - * Each of these objects contains parameters that maybe needed for validating an - * infobox. - */ - protected Map infoboxParameters_; - - /** - * A list of the identifiers of the infoboxes supported by this - * VerifyInfoboxParameters; - */ - protected List identifiers_; - - /** - * Holds the (comma separated) identifiers of those infoboxes MOA-IF is able to validate - * in the context of the actual online application. - * The string will be added as value of the <code>PushInfobox</code> parameter in the - * HTML form used for reading the infoboxes from the BKU. - */ - protected String pushInfobox_; - - /** - * Initializes this VerifyInfoboxParameters with an empty {@link #infoboxParameters_} - * map. - */ - public VerifyInfoboxParameters() { - infoboxParameters_ = new Hashtable(); - pushInfobox_ = ""; - } - - /** - * Initializes this VerifyInfoboxParameters with the given - * <code>infoboxParameters</code> map and builds the {@link #pushInfobox_} string - * from the keys of the given map. - */ - public VerifyInfoboxParameters(List identifiers, Map infoboxParameters) { - identifiers_ = identifiers; - infoboxParameters_ = infoboxParameters; - // build the pushInfobox string - if ((identifiers != null) && (!identifiers.isEmpty())) { - StringBuffer identifiersSB = new StringBuffer(); - int identifiersNum = identifiers.size(); - int i = 1; - Iterator it = identifiers.iterator(); - while (it.hasNext()) { - identifiersSB.append((String)it.next()); - if (i != identifiersNum) { - identifiersSB.append(","); - } - i++; - } - pushInfobox_ = identifiersSB.toString(); - } else { - pushInfobox_ = ""; - } - } - - /** - * Returns the (comma separated) identifiers of the infoboxes configured for the actual - * online application. - * - * @see #pushInfobox_ - * - * @return The (comma separated) identifiers of the infoboxes configured for the actual - * online application. - */ - public String getPushInfobox() { - return pushInfobox_; - } - - /** - * Sets the {@link #pushInfobox_} string. - * - * @param pushInfobox The pushInfobox string to be set. - */ - public void setPushInfobox(String pushInfobox) { - pushInfobox_ = pushInfobox; - } - - /** - * Returns map of {@link VerifyInfoboxParameter} objects. - * Each of these objects contains parameters that maybe needed for validating an - * infobox. - * - * @return The map of {@link VerifyInfoboxParameter} objects. - */ - public Map getInfoboxParameters() { - return infoboxParameters_; - } - - /** - * Sets the map of {@link VerifyInfoboxParameter} objects. - * - * @see #infoboxParameters_ - * - * @param infoboxParameters The infoboxParameters to set. - */ - public void setInfoboxParameters(Map infoboxParameters) { - infoboxParameters_ = infoboxParameters; - } - - /** - * Returns the identifiers of the supported infoboxes. - * - * @return The identifiers. - */ - public List getIdentifiers() { - return identifiers_; - } - - /** - * Sets the identifiers. - * - * @param identifiers The identifiers to set. - */ - public void setIdentifiers(List identifiers) { - identifiers_ = identifiers; - } - -} |