Diffstat (limited to 'id/server/idserverlib')
9 files changed, 411 insertions, 234 deletions
| diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index 1c04295d7..cf1b34b4b 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index d655dc7f2..4dec2c32e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -68,6 +68,12 @@ public class STORKConfig {
 		//List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
          List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = new ArrayList<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS>();   // TODO Change this
 +        try {
 +            cpeps = stork.getCPEPS();
 +        }   catch (NullPointerException ex) {
 +            Logger.error("CPEPS not configured!");
 +        }
 +
  		cpepsMap = new HashMap<String, CPEPS>();
  		if (cpeps != null) {
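Review bot: Catching NullPointerException around `cpeps = stork.getCPEPS();` uses an exception as the "not configured" signal and also swallows any NPE raised inside getCPEPS() itself, which would then be reported as "CPEPS not configured!" even though the configuration is present. Since the code below already handles `cpeps == null`, test for the absent object instead, `cpeps = (stork != null) ? stork.getCPEPS() : null;` with the `Logger.error("CPEPS not configured!")` in the null branch; which object is actually null (`stork` or something it returns) is not visible in this hunk, so the check should be placed where the NPE originates. With that change the `new ArrayList<...>()` on the preceding line is only reached on the error path and can become a plain `null` initialiser, assuming the loop below treats null and an empty list alike. The enclosing method starts and ends outside the hunk.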
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java index 65634bed3..b6fe20a61 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java @@ -2,19 +2,19 @@   * Copyright 2014 Federal Chancellery Austria   * MOA-ID has been developed in a cooperation between BRZ, the Federal   * Chancellery Austria - ICT staff unit, and Graz University of Technology. - *  + *   * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by   * the European Commission - subsequent versions of the EUPL (the "Licence");   * You may not use this work except in compliance with the Licence.   * You may obtain a copy of the Licence at:   * http://www.osor.eu/eupl/ - *  + *   * Unless required by applicable law or agreed to in writing, software   * distributed under the Licence is distributed on an "AS IS" basis,   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   * See the Licence for the specific language governing permissions and   * limitations under the Licence. - *  + *   * This product combines work with different licenses. See the "NOTICE" text   * file for details on the various modules and licenses.   * The "NOTICE" text file is part of the distribution. Any derivative works 
@@ -46,98 +46,120 @@  package at.gv.egovernment.moa.id.iaik.config; -import java.io.File; -  import at.gv.egovernment.moa.id.config.ConfigurationException;  import at.gv.egovernment.moa.id.config.ConfigurationProvider;  import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl; -import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.logging.Logger;  import iaik.pki.store.certstore.CertStoreConfiguration;  import iaik.pki.store.certstore.CertStoreParameters;  import iaik.pki.store.certstore.CertStoreTypes;  import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters; +import java.io.File; +  /**   * Implementation of interface needed to initialize an IAIK JSSE <code>TrustManager</code> + *   * @author Paul Ivancsics   * @version $Id$   */ -public class CertStoreConfigurationImpl extends ObservableImpl  -  implements CertStoreConfiguration, DirectoryCertStoreParameters { -  /** identifies the rootDirectory */ -  private String rootDirectory; -  /** ConfigurationProvider */ -  private ConfigurationProvider conf; -  /** Array for storing all CertStoreParameters */ -  private CertStoreParameters[] parameters; - -  /** -   * Create a new <code>CertStoreConfigurationImpl</code>. -   *  -   * @param conf The MOA configuration from which the configuration data is -   * @throws ConfigurationException an any config-error -   * being read. 
-   */ -  public CertStoreConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException { -    this.conf=conf; -     -    String certStoreRootDirParam = conf.getCertstoreDirectory(); -     -    if (certStoreRootDirParam == null) -      throw new ConfigurationException( -        "config.08", new Object[] {"CertStoreDirectory"}); - -		rootDirectory = FileUtils.makeAbsoluteURL(certStoreRootDirParam, conf.getRootConfigFileDir()); -		if(rootDirectory.startsWith("file:")) rootDirectory = rootDirectory.substring(6); -		File f = new File(rootDirectory); -				if (!f.isDirectory()) -					throw new ConfigurationException( -						"config.05", new Object[] {"CertStoreDirectory"}); -     -    parameters = new CertStoreParameters[] { this }; -  } - -  /** -   * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters() -   */ -  public CertStoreParameters[] getParameters() { -    return parameters; -  } - -  /** -   * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory() -   */ -  public String getRootDirectory() { -    return rootDirectory; -  } - -  /** -   * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew() -   */ -  public boolean createNew() { -    return false; -  } - -  /** -   * @see iaik.pki.store.certstore.CertStoreParameters#getId() -   */ -  public String getId() { -    return "MOA ID Directory CertStore"; -  } - -  /** -   * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly() -   */ -  public boolean isReadOnly() { -    return false; -  } - -  /** -   * @return <code>CertStoreTypes.DIRECTORY</code> -   * @see iaik.pki.store.certstore.CertStoreParameters#getType() -   */ -  public String getType() { -    return CertStoreTypes.DIRECTORY; -  } +public class CertStoreConfigurationImpl extends ObservableImpl +        implements CertStoreConfiguration, DirectoryCertStoreParameters { +    /** +     * identifies the rootDirectory +     */ +    private String rootDirectory; +   
 /** +     * ConfigurationProvider +     */ +    private ConfigurationProvider conf; +    /** +     * Array for storing all CertStoreParameters +     */ +    private CertStoreParameters[] parameters; + +    /** +     * Create a new <code>CertStoreConfigurationImpl</code>. +     * +     * @param conf The MOA configuration from which the configuration data is +     * @throws ConfigurationException an any config-error +     *                                being read. +     */ +    public CertStoreConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException { +        this.conf = conf; + +        String certStoreRootDirParam = conf.getCertstoreDirectory(); + +        if (certStoreRootDirParam == null) +            throw new ConfigurationException( +                    "config.08", new Object[]{"CertStoreDirectory"}); + +        //rootDirectory = FileUtils.makeAbsoluteURL(certStoreRootDirParam, conf.getRootConfigFileDir()); +        rootDirectory = certStoreRootDirParam; +        Logger.error("Using file: " + rootDirectory); +        if (rootDirectory.startsWith("file:")) rootDirectory = rootDirectory.substring(5); +        Logger.error("Using file2: " + rootDirectory); + +        File f = new File(rootDirectory); +        //Logger.error("Using file: " + certStoreRootDirParam + " param: " + conf.getRootConfigFileDir()); + +        if (!f.exists()) { +            Logger.error("File does not exists: " + f.getAbsolutePath()); +            throw new ConfigurationException( +                    "config.05", new Object[]{"CertStoreDirectory"}); +        } + +        if (!f.isDirectory()) { +            Logger.error("File is not a directory: " + f.getAbsolutePath()); +            throw new ConfigurationException( +                    "config.05", new Object[]{"CertStoreDirectory"}); +        } + + +        parameters = new CertStoreParameters[]{this}; +    } + +    /** +     * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters() +     */ +    
public CertStoreParameters[] getParameters() { +        return parameters; +    } + +    /** +     * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory() +     */ +    public String getRootDirectory() { +        return rootDirectory; +    } + +    /** +     * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew() +     */ +    public boolean createNew() { +        return false; +    } + +    /** +     * @see iaik.pki.store.certstore.CertStoreParameters#getId() +     */ +    public String getId() { +        return "MOA ID Directory CertStore"; +    } + +    /** +     * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly() +     */ +    public boolean isReadOnly() { +        return false; +    } + +    /** +     * @return <code>CertStoreTypes.DIRECTORY</code> +     * @see iaik.pki.store.certstore.CertStoreParameters#getType() +     */ +    public String getType() { +        return CertStoreTypes.DIRECTORY; +    }  } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 1f6ffaa9a..d742d72ef 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
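Review bot: Dropping `FileUtils.makeAbsoluteURL(certStoreRootDirParam, conf.getRootConfigFileDir())` in the constructor changes how a relative CertStoreDirectory is resolved: it is now taken relative to the JVM's working directory instead of the configuration file's directory, so the same config can point the certificate store at a different directory depending on how the servlet container is launched. If the helper was removed only because of the `file:` prefix handling, keep the resolution and strip the scheme afterwards, `rootDirectory = FileUtils.makeAbsoluteURL(certStoreRootDirParam, conf.getRootConfigFileDir());` followed by the existing prefix check (this needs the `at.gv.egovernment.moa.util.FileUtils` import the hunk removes). The new `Logger.error("Using file: " + rootDirectory)` and `"Using file2: "` calls log a normal start-up path at error level; they read as leftover debugging and should be `Logger.debug` or removed. Note also that `substring(5)` keeps the `//` of a `file://` URL where the previous `substring(6)` dropped one slash; `new File` tolerates it on most platforms, but a one-line comment saying the scheme is stripped deliberately would help the next reader.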
@@ -2,10 +2,17 @@ package at.gv.egovernment.moa.id.protocols.stork2;  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;  import at.gv.egovernment.moa.id.moduls.IAction;  import at.gv.egovernment.moa.id.moduls.IRequest;  import at.gv.egovernment.moa.id.storage.AssertionStorage;  import at.gv.egovernment.moa.logging.Logger; +import edu.emory.mathcs.backport.java.util.Collections; +import eu.stork.peps.auth.commons.*; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.commons.io.IOUtils; +import org.apache.velocity.Template;  import org.apache.velocity.VelocityContext;  import org.apache.velocity.app.VelocityEngine;  import org.apache.velocity.runtime.RuntimeConstants; @@ -22,6 +29,7 @@ import java.io.Writer;  import java.util.HashMap;  import eu.stork.peps.auth.engine.SAMLEngine; +  /**   * @author bsuzic   *         Date: 12/3/13, Time: 2:08 PM 
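Review bot: The added `import edu.emory.mathcs.backport.java.util.Collections;` brings in the Java 1.4 concurrency backport for `singletonList`, which `java.util.Collections` already provides, and in this file it appears to be used only inside the commented-out block of populateAttributes() (the `@@ -104,58 +218,57 @@` hunk), so it is an unused import as committed. The same backport is referenced fully qualified in the new MOAAttributeProvider (the `@@ -0,0 +1,94 @@` hunk), right next to an `import java.util.Collections;`; use `java.util.Collections.singletonList` in both places so the backport can be dropped from the dependency set. The wildcard `import eu.stork.peps.auth.commons.*;` also hides which STORK types this class relies on, while the rest of the file's imports are explicit.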
@@ -35,19 +43,26 @@ public class AuthenticationRequest implements IAction {      private VelocityEngine velocityEngine; +    private AuthenticationSession moaSession; +    private MOASTORKAuthnRequest moaStorkAuthnRequest;      public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + +        this.moaSession = moasession; +        this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; +          Logger.debug("Starting AuthenticationRequest");          //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession);          Logger.debug("Http Response: " + httpResp.toString() + ", "); +        Logger.debug("Remote user: " + httpReq.getRemoteAddr());          Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget());          httpResp.reset();          //httpResp.addHeader("Location", "http:/www.google.com"); -        if (req instanceof STORKAuthnRequestDEL) { +        if (req instanceof MOASTORKAuthnRequest) {            /* -            Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel()); -            StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest()); +            Logger.debug("STORK QAA 2 :" + ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getQAALevel()); +            StartAuthResponse startAuthResponse = getStartAuthResponse(((MOASTORKAuthnRequest) req).getStorkAuthnRequest());              HttpSession httpSession = httpReq.getSession();              httpSession.setAttribute("STORKSessionID", "12345"); 
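Review bot: `this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req;` at the top of processRequest casts before the `if (req instanceof MOASTORKAuthnRequest)` check a few lines down, so any other IRequest now fails with a ClassCastException instead of reaching the else branch; move the assignment inside the instanceof block or guard it the same way. Keeping `moasession` and the request in instance fields of the IAction is also fragile: if the protocol module reuses one AuthenticationRequest instance across requests (not visible here, but the two fields have no other synchronisation), two concurrent logins overwrite each other's session and populateAttributes() would read the wrong user's identity link — pass the session and request to populateAttributes() as parameters instead. The new `Logger.debug` line that prints `moasession.getIdentityLink().getName()` next to `httpReq.getRemoteAddr()` writes personal data into the log; logging only a session identifier is enough for tracing. The method continues past the end of this hunk.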
@@ -97,6 +112,105 @@ public class AuthenticationRequest implements IAction {          // see if we need to fetch further attributes          return (new AttributeCollector()).processRequest(container); + + +        STORKAuthnResponse authnResponse = new STORKAuthnResponse(); +        authnResponse.setCountry("AT"); + + + + + +        try { +            IPersonalAttributeList moaAttrList =  moasession.getStorkAttributes(); +            Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); + + +            for (PersonalAttribute personalAttribute : moaAttrList) { +            Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); +            if (personalAttribute.getValue().size() > 0) { +                for (String value : personalAttribute.getValue()) { +                    Logger.info("     Value found: " + value); +                } +            } +        } + +        } catch (Exception e) { +            Logger.error("Exception, attributes: " + e.getMessage()); +        } + +        authnResponse.setPersonalAttributeList(populateAttributes()); + +        try { +            //Get SAMLEngine instance +            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); +            Logger.debug("Starting generation of SAML response"); +            authnResponse = engine.generateSTORKAuthnResponse(((MOASTORKAuthnRequest)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false); +            //generateSAML Token +            Logger.info("SAML response succesfully generated!"); +        }catch(STORKSAMLEngineException e){ +            Logger.error("Failed to generate STORK SAML Response", e); +            throw new MOAIDException("stork.05", null); +        } + +        Logger.info("STORK SAML Response message succesfully generated "); +        Logger.debug("STORK response: "); + +        Logger.debug("authn response string: " + 
authnResponse.toString()); + +        String statusCodeValue = authnResponse.getStatusCode(); +        Logger.debug("authn status code value: " + statusCodeValue); + +        try { +            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); +            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // radi +            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + +        } catch (IOException e) { +            e.printStackTrace(); +        } + +        try { +            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); +            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); +            VelocityContext context = new VelocityContext(); +            //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString())); + +            //context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml())); + +            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); +            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); +            //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.encode(context.get("SAMLResponse").toString().getBytes())); + +            Logger.debug("Putting assertion consumer url as action: " + ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); +            context.put("action", ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); +            Logger.debug("Starting template merge"); +            
StringWriter writer = new StringWriter(); +            //PrintWriter pwriter = new StringWriter(); + +            Logger.debug("Doing template merge"); +            template.merge(context, writer); +            Logger.debug("Template merge done"); + +            Logger.debug("Sending html content: " + writer.getBuffer().toString()); +            Logger.debug("Sending html content2  : " + new String(writer.getBuffer())); + + + +            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + +        } catch (Exception e) { +            Logger.error("Velocity error: " + e.getMessage()); +        } + +        HttpSession httpSession = httpReq.getSession(); +        httpSession.setAttribute("STORKSessionID", "12345"); +        Logger.info("Status code again: " + authnResponse.getStatusCode()); + + + + +        return "12345"; // AssertionId      }      public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { 
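Review bot: Everything added after `return (new AttributeCollector()).processRequest(container);` is unreachable, and since that return sits directly in the method body (same indentation as the new lines) javac rejects the file with an unreachable-statement error, so the SAML-response/Velocity path cannot have been compiled as committed; the early return needs to become a conditional branch (only when further attributes are required) before any of this runs. Once reachable, the `catch (Exception e)` around the template merge logs only `e.getMessage()` and then falls through to `httpSession.setAttribute("STORKSessionID", "12345")` and `return "12345"; // AssertionId`, so a rendering failure produces an empty 200 response and the placeholder values are still recorded; rethrow as `MOAIDException` there and mark the placeholders `// TODO` so they are not shipped. `IOUtils.toString(authnResponse.getTokenSaml()).getBytes()` and `writer.getBuffer().toString().getBytes()` both go through the platform default charset; pass `"UTF-8"` to both conversions (and `IOUtils.toString(bytes, "UTF-8")`) so the Base64 payload and the served page agree on encoding. The debug lines that dump the full SAML token and the rendered HTML, and the `e.printStackTrace()` in the IOException catch, should be removed or routed through `Logger` like the rest of the class.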
@@ -104,58 +218,57 @@ public class AuthenticationRequest implements IAction {      } -    /* +    public PersonalAttributeList populateAttributes() { + +        IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList(); +        Logger.info("Found " + attrLst.size() + " personal attributes in the request." ); + +        // Define attribute list to be populated +        PersonalAttributeList attributeList = new PersonalAttributeList(); +        MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink()); + +        try { +            for (PersonalAttribute personalAttribute : attrLst) { +                Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); -    public StartAuthResponse getStartAuthResponse(STORKAuthnRequest authnRequest) { +                moaAttributeProvider.populateAttribute(attributeList, personalAttribute); -        StartAuthResponse authResponse = new StartAuthResponse(500, null, new HashMap<String, String>()); +     //           if ("givenName".equals(personalAttribute.getName())) { +     //               Logger.debug("Providing new attribute: " + personalAttribute.getName()); +     //               PersonalAttribute newAttribute = new PersonalAttribute(); +     //               newAttribute.setName("givenName"); +     //               newAttribute.setValue(new ArrayList<String>(Collections.singletonList(moaSession.getIdentityLink().getGivenName()))); +     //               attributeList.add(newAttribute); +    //            } -        if (authnRequest.getSPID() != null) { -            Logger.debug("SP id: " + authnRequest.getSPID()); -        } else { -            SpInstitution spInstitution = (SpInstitution)authnRequest.getExtensions().getUnknownXMLObjects(SpInstitution.DEFAULT_ELEMENT_NAME).get(0); -            Logger.debug("SP institution: " + spInstitution.getValue()); +    
        } +        }  catch (Exception e) { +            Logger.error("Exception, attributes: " + e.getMessage());          } -        Logger.debug("SPEPS issuer: " + authnRequest.getIssuer().getValue()); -        Logger.debug("SPEPS Consumer URL: " + authnRequest.getAssertionConsumerServiceURL()); +        Logger.debug("AUTHBLOCK " + moaSession.getAuthBlock()); +        Logger.debug("TARGET " + moaSession.getTarget() + " " + moaSession.getTargetFriendlyName()); -        try { +        Logger.debug("SESSION IDENTIFIER " + moaSession.getCcc() + " " + moaSession.getDomainIdentifier()); -            initVelocityEngine(); -            VelocityContext velocityContext = new VelocityContext(); -            velocityContext.put("action", authnRequest.getDestination()); -            if (authnRequest.getDOM() == null) { -                SAMLUtil.marshallMessage(authnRequest); -            } +        Logger.debug("AUTHBLOCKTOKKEN" + moaSession.getAuthBlockTokken()); -            String messageXML = XMLHelper.nodeToString(authnRequest.getDOM()); -            String encodedMessage = Base64.encodeBytes(messageXML.getBytes("UTF-8"), Base64.DONT_BREAK_LINES); -            velocityContext.put("SAMLRequest", encodedMessage); -            ByteArrayOutputStream outStream = new ByteArrayOutputStream(); +        // moaAttributeProvider.populateAttribute(attributeList, personalAttribute.getName()); -            Writer out = new OutputStreamWriter(outStream, "UTF-8"); -            velocityEngine.mergeTemplate("/templates/saml2-post-binding.vm", "UTF-8", velocityContext, out); -            out.flush(); -            authResponse.setContent(outStream.toByteArray()); +    //    moaAttributeProvider.populateAttribute(attributeList, "givenName"); -            authResponse.addHeader("Content-Type", "text/html; charset=utf-8"); -            authResponse.addHeader("Cache-Control", "no-cache"); -            authResponse.setHttpStatusCode(200); +    //    
moaAttributeProvider.populateAttribute(attributeList, "surname"); -        } catch (Exception e) { -            Logger.error("ERROR"); -        } +    //    moaAttributeProvider.populateAttribute(attributeList, "xxname"); +    //    moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth");          return authResponse;      } -    */ -      public String getDefaultActionName() {          return STORKProtocol.AUTHENTICATIONREQUEST;      } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java new file mode 100644 index 000000000..414e383fa --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
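Review bot: `populateAttributes()` ends with the kept context line `return authResponse;`, but `authResponse` was a local of the previously commented-out getStartAuthResponse() whose declaration this hunk removes, so the method does not compile; the value built here is `attributeList`, and the method should end with `return attributeList;`. The `Logger.debug("AUTHBLOCK " + moaSession.getAuthBlock())` and `Logger.debug("AUTHBLOCKTOKKEN" + moaSession.getAuthBlockTokken())` lines write the signed auth block and its token into the log; these are authentication artefacts rather than diagnostics and should not be logged even at debug level. The `catch (Exception e)` around the attribute loop logs only `e.getMessage()` and then returns a partially populated list as if it were complete — pass the exception as `Logger.error("Exception, attributes: " + e.getMessage(), e)` and consider failing the request when an attribute flagged `isRequired()` could not be populated. The commented-out `populateAttribute(attributeList, "givenName")` lines are superseded by the loop and can be deleted.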
@@ -0,0 +1,94 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +/** + * @author bsuzic + *         Date: 2/19/14, Time: 4:42 PM + */ +public class MOAAttributeProvider { +    private final IdentityLink identityLink; +    private static final Map<String, String> storkAttributeSimpleMapping; +    private static final Map<String, String> storkAttributeFunctionMapping; + +    static { +        Map<String, String> tempSimpleMap = new HashMap<String, String>(); +        tempSimpleMap.put("givenName", "getGivenName"); +        tempSimpleMap.put("surname", "getFamilyName"); +        tempSimpleMap.put("dateOfBirth", "getDateOfBirth"); +        storkAttributeSimpleMapping = Collections.unmodifiableMap(tempSimpleMap); +        Map<String, String> tempFunctionMap = new HashMap<String, String>(); +        tempFunctionMap.put("eIdentifier", "geteIdentifier"); +        storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); +    } + +    public MOAAttributeProvider(IdentityLink identityLink) { +        this.identityLink = identityLink; +        Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue()); +    } + +    public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) { +        String storkAttribute = requestedAttribute.getName(); + +        if (storkAttributeSimpleMapping.containsKey(storkAttribute)) { +            Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]"); +            try { +       
         Method method = identityLink.getClass().getDeclaredMethod(storkAttributeSimpleMapping.get(storkAttribute)); +                populateAttributeWithMethod(method, identityLink, attributeList, storkAttribute, requestedAttribute.isRequired()); +            } catch (NoSuchMethodException e) { +                Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute); +                e.printStackTrace(); +            } + +        } else if (storkAttributeFunctionMapping.containsKey(storkAttribute)) { + +            Logger.debug("Trying to get value for attribute using function mapping [" + storkAttribute + "]"); +            try { +                Method method = this.getClass().getDeclaredMethod(storkAttributeFunctionMapping.get(storkAttribute)); +                populateAttributeWithMethod(method, this, attributeList, storkAttribute, requestedAttribute.isRequired()); +            } catch (NoSuchMethodException e) { +                Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute); +                e.printStackTrace(); +            } +        } else { +            Logger.debug("MOA method for extraction of attribute " + storkAttribute + " not defined."); +        } +    } + +    private String geteIdentifier() { +        return "askdlaskdlaskdsds"; +    } + +    private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) { +        try { +            String attributeValue = method.invoke(object, new Class[]{}).toString(); +            PersonalAttribute newAttribute = new PersonalAttribute(); +            newAttribute.setName(storkAttribute); + +            newAttribute.setStatus("Available"); +            newAttribute.setIsRequired(isRequired); +            Logger.debug("Got attribute value: " + attributeValue); +            newAttribute.setValue(new 
ArrayList<String>(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue))); +            attributeList.add(newAttribute); +        } catch (InvocationTargetException e) { +            Logger.error("Invocation target exception while getting attribute: " + storkAttribute); +            e.printStackTrace(); +        } catch (IllegalAccessException e) { +            Logger.error("Illegal access exception while getting attribute: " + storkAttribute); +            e.printStackTrace(); +        } +    } + + +} + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java index c8a5ac84d..cee64e16e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java @@ -8,9 +8,8 @@ import org.opensaml.common.xml.SAMLConstants;   * @author bsuzic   *         Date: 12/4/13, Time: 6:31 PM   */ -//public class STORKAuthnRequestDEL extends STORKAuthnRequestImpl implements IRequest { -public class STORKAuthnRequestDEL implements IRequest { +public class MOASTORKAuthnRequest implements IRequest {      private String requestID;      private String target = null;      String module = null; @@ -26,6 +25,7 @@ public class STORKAuthnRequestDEL implements IRequest {      }      public String getOAURL() { +          return "https://sp:8889/SP";  //      } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java deleted file mode 100644 index 54072b6a3..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java +++ /dev/null 
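Review bot: `geteIdentifier()` returns the constant `"askdlaskdlaskdsds"` and populateAttributeWithMethod then marks the attribute `"Available"`, so every user handled by this provider is reported to the relying party with the same eIdentifier; until the value is derived from the identity link the attribute should be reported as not available, and the stub needs a `// TODO` at minimum. In populateAttributeWithMethod, `method.invoke(object, new Class[]{}).toString()` throws NullPointerException when the getter returns null and no catch clause handles it; check the result first, `Object raw = method.invoke(object);` then `if (raw == null) { Logger.debug("No value for attribute " + storkAttribute); return; }`. The name-to-getter lookup through `identityLink.getClass().getDeclaredMethod(...)` only sees methods declared on the runtime class (it breaks for a subclass of IdentityLink) and hides the dependency from the compiler; a small switch on the attribute name calling `identityLink.getGivenName()` and friends directly would be shorter and checkable. The `e.printStackTrace()` calls should become `Logger.error(msg, e)`, and `edu.emory.mathcs.backport.java.util.Collections.singletonList` can be the `java.util.Collections` the file already imports.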
@@ -1,105 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import org.opensaml.common.binding.BasicSAMLMessageContext; -import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; -import org.opensaml.ws.transport.http.HTTPInTransport; - - -/** - * @author bsuzic - *         Date: 1/22/14, Time: 5:30 PM - */ -public class STORKAuthnReq implements IRequest { -    private String requestID; -    private String target = null; -    String module = null; -    String action = null; -    private STORKAuthnRequest storkAuthnRequest; - -    public void setSTORKAuthnRequest(STORKAuthnRequest request) { -        this.storkAuthnRequest = request; -    } - -    public STORKAuthnRequest getStorkAuthnRequest() { -        return this.storkAuthnRequest; -    } - -    public void createStorkReq(HTTPInTransport profileReq) { -        Logger.debug("Generate stork request test..."); -        storkAuthnRequest = new STORKAuthnRequest(); - -        BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); -        samlMessageContext.setInboundMessageTransport(profileReq); - -        HTTPPostDecoder postDecoder = new HTTPPostDecoder(); -        postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator - -        try { -            Logger.debug("Attempting to decode request..."); -            postDecoder.decode(samlMessageContext); -        } catch (Exception e) { -            Logger.error("Error decoding STORKAuthnRequest", e); -        } - - - -        //storkAuthnRequest = (STORKAuthnRequest)samlMessageContext.getInboundSAMLMessage(); -        //samlMessageContext.getinbound -        //storkAuthnRequest.set - - - -    } - - - -    public String getOAURL() { -        return "https://sp:8889/SP";  // -    
} - -    public boolean isPassiv() { -        return false;  // -    } - -    public boolean forceAuth() { -        return false;  // -    } - -    public boolean isSSOSupported() { -        return false;  // -    } - -    public String requestedModule() { -        return this.module;  // -    } - -    public String requestedAction() { -        return action;  // -    } - -    public void setModule(String module) { -        this.module = module; -    } - -    public void setAction(String action) { -        this.action = action; -    } - -    public String getTarget() { -        return this.target;  // -    } - -    public void setRequestID(String id) { -        this.requestID = id; -    } - -    public String getRequestID() { -        return this.requestID;  // -    } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 318a8fc9c..502925a2a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -1,6 +1,5 @@  package at.gv.egovernment.moa.id.protocols.stork2; -import at.gv.egovernment.moa.id.auth.AuthenticationServer;  import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;  import at.gv.egovernment.moa.id.moduls.IAction; @@ -9,7 +8,6 @@ import at.gv.egovernment.moa.id.moduls.IRequest;  import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;  import at.gv.egovernment.moa.logging.Logger;  import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.STORKAuthnResponse;  import eu.stork.peps.auth.engine.STORKSAMLEngine;  import eu.stork.peps.exceptions.STORKSAMLEngineException;  import org.opensaml.common.binding.BasicSAMLMessageContext; 
@@ -109,8 +107,8 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {          /*          STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); -        //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage(); -        STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL(); +        //MOASTORKAuthnRequest STORK2Request = (MOASTORKAuthnRequest)samlMessageContext.getInboundSAMLMessage(); +        MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest();          STORK2Request.setSTORKAuthnRequest(ST2Req);          Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode()); @@ -118,10 +116,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {          Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString());          */ -        STORKAuthnReq storkAuthnReq = new STORKAuthnReq(); +        //STORKAuthnReq storkAuthnReq = new STORKAuthnReq(); -        STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL(); +        MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest();          //extract STORK Response from HTTP Request @@ -155,6 +153,8 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {          Logger.error("spi " + authnRequest.getSpInstitution()); +        STORK2Request.setSTORKAuthnRequest(authnRequest); +          return STORK2Request;      } @@ -170,6 +170,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {      public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {          return false;      } + +    public void checkPersonalAttributes() { + + +    }  } 
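Review bot: The two lines this hunk rewrites sit inside the `/* ... */` block opened on its first context line, so the rename to `MOASTORKAuthnRequest` only updates commented-out code, and the following hunk (`@@ -118,10 +116,10 @@`) adds another such line, `//STORKAuthnReq storkAuthnReq = new STORKAuthnReq();`, although this same commit deletes the `STORKAuthnReq` class. Commented-out code referencing a removed type is not checked by the compiler and drifts further on every rename; delete the block comment and the commented-out line rather than maintaining them. The enclosing method begins before this hunk.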
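Review bot: `STORK2Request.setSTORKAuthnRequest(authnRequest);` attaches the decoded request to the object that `return STORK2Request;` hands back as the pending request, and nothing in this hunk shows that `authnRequest` was null-checked or passed the STORKSAMLEngine validation first. If that validation happens earlier in the method (its start is outside the hunk), a one-line comment at the call site saying so, e.g. `// authnRequest was validated by the SAML engine above`, would make that explicit; otherwise reject a null or unvalidated request before attaching it instead of returning a half-populated pending request.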
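Review bot: `checkPersonalAttributes()` is added as a public method with an empty body and no Javadoc, so any caller that relies on it to check the requested personal attributes gets a silent pass. Until it is implemented, either keep it out of the public API or make the gap explicit, e.g. `/** TODO: verify the requested STORK personal attributes (presumably against what the SP may request); not implemented yet. */` on the method and `throw new UnsupportedOperationException("checkPersonalAttributes not implemented");` in the body. The neighbouring `validate(...)` returning `false` is pre-existing context; the class closes at the hunk's last line.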
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html b/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html
new file mode 100644
index 000000000..f655caee0
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html
@@ -0,0 +1,42 @@
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+
+<body onload="document.forms[0].submit()">
+	<noscript>
+		<p>
+			<strong>Note:</strong> Since your browser does not support
+			JavaScript, you must press the Continue button once to proceed.
+		</p>
+	</noscript>
+
+
+	<div id="alert">Your login is being processed. Thank you for
+		waiting.</div>
+
+	<style type="text/css">
+<!--
+#alert {
+	margin: 100px 250px;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 14px;
+	font-weight: normal;
+}
+-->
+</style>
+
+	<form action="${action}" method="post" target="_parent">
+		<div>
+			#if($RelayState)<input type="hidden" name="RelayState"
+				value="${RelayState}" />#end #if($SAMLRequest)<input type="hidden"
+				name="SAMLRequest" value="${SAMLRequest}" />#end #if($SAMLResponse)<input
+				type="hidden" name="SAMLResponse" value="${SAMLResponse}" />#end
+
+		</div>
+		<noscript>
+			<div>
+				<input type="submit" value="Continue" />
+			</div>
+		</noscript>
+	</form>
+
+</body>
+</html>
| 
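Review bot: `${action}` and `${RelayState}` are written straight into attribute values of the form and the template applies no escaping of its own, so the safety of this page rests entirely on the code that fills the Velocity context having HTML-attribute-escaped both values (`${SAMLRequest}` and `${SAMLResponse}` are base64 and need no escaping). Nothing in this diff shows which encoder populates the context, so please confirm it escapes them, and record the contract in the file, e.g. `<!-- NOTE: this template does no escaping; action and RelayState must be HTML-attribute-escaped by the encoder that fills the context -->` right after the `<body>` line. The `onload="document.forms[0].submit()"` auto-submit with the `<noscript>` fallback is the usual POST-binding layout and needs no change.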
