Diffstat (limited to 'id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id')
28 files changed, 538 insertions, 1045 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java index 6f6735d48..663f712ef 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java @@ -35,8 +35,8 @@ public class MOAIDAuthConstants extends MOAIDConstants{ public static final String PARAM_ACTION = "ACTION"; public static final String PARAM_SSO = "SSO"; public static final String INTERFEDERATION_IDP = "interIDP"; - public static final String PARAM_TARGET_PENDINGREQUESTID = "pendingid"; + public static final String PARAM_SLOSTATUS = "status"; public static final String PARAM_SLORESTART = "restart"; public static final String SLOSTATUS_SUCCESS = "success"; 
@@ -171,25 +171,20 @@ public class MOAIDAuthConstants extends MOAIDConstants{ public static final String COUNTRYCODE_AUSTRIA = "AT"; public static final String REGEX_PATTERN_TARGET = "^[A-Za-z]{2}(-.*)?$"; - - //MDC variables for logging - public static final String MDC_TRANSACTION_ID = "transactionId"; - public static final String MDC_SESSION_ID = "sessionId"; - public static final String MDC_SERVICEPROVIDER_ID = "oaId"; - + //AuthnRequest IssueInstant validation public static final int TIME_JITTER = 5; //all 5 minutes time jitter //General MOASession data-store keys - public static final String MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE = "holderofkey_cert"; + //public static final String MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE = "holderofkey_cert"; //Process context keys public static final String PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH = "interfederationAuthentication"; public static final String PROCESSCONTEXT_REQUIRELOCALAUTHENTICATION = "requireLocalAuthentication"; public static final String PROCESSCONTEXT_PERFORM_BKUSELECTION = "performBKUSelection"; public static final String PROCESSCONTEXT_ISLEGACYREQUEST = "isLegacyRequest"; - public static final String PROCESSCONTEXT_UNIQUE_OA_IDENTFIER = "uniqueSPId"; - public static final String PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE = MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE; + //public static final String PROCESSCONTEXT_UNIQUE_OA_IDENTFIER = "uniqueSPId"; + //public static final String PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE = MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE; //General protocol-request data-store keys public static final String AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE = "authProces_SecurityLayerTemplate"; 
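Review bot: Three constants in this hunk are commented out rather than deleted (`MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE`, `PROCESSCONTEXT_UNIQUE_OA_IDENTFIER`, `PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE`), which leaves dead declarations in the constants class with no hint of where the keys now live. Delete the lines, or replace them with a single comment that names the successor, for example `// holder-of-key and unique-SP keys moved to <successor constant class, confirm>`. The same pattern appears in AuthConfiguration.java, where `getForeignIDConnectionParameter` is commented out instead of removed. The class body starts and ends outside this hunk.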
@@ -199,5 +194,9 @@ public class MOAIDAuthConstants extends MOAIDConstants{ @Deprecated public static final String AUTHPROCESS_DATA_TARGETFRIENDLYNAME = "authProces_TargetFriendlyName"; + public static final String DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP = "useMinimalFrontChannelResponse"; + public static final String DATAID_INTERFEDERATION_NAMEID = "federatedNameID"; + public static final String DATAID_INTERFEDERATION_QAALEVEL = "federatedQAALevel"; + public static final String DATAID_INTERFEDERATION_REQUESTID = "authnReqID"; } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java index 436dcc91d..c56116255 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java @@ -28,6 +28,7 @@ import java.util.Hashtable; import java.util.List; import java.util.Map; +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; import at.gv.egovernment.moa.util.Constants; /** 
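Review bot: The four `DATAID_INTERFEDERATION_*` keys added at the end of MOAIDAuthConstants carry no comment, unlike the grouped sections above them (`//Process context keys`, `//General protocol-request data-store keys`). Judging by the names, `DATAID_INTERFEDERATION_NAMEID` and `DATAID_INTERFEDERATION_QAALEVEL` hold values taken from a federated IDP's response; if that is right, a header such as `//Interfederation data-store keys (values originate from the federated IDP and are only trustworthy after its assertion has been validated)` tells readers how far to trust what is stored under them. Please also state which store these keys index (pending request or session), which this hunk does not show.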
@@ -38,18 +39,18 @@ public class MOAIDConstants { //general configuration constants - public static final String DEFAULT_CONTENT_TYPE_HTML_UTF8 = "text/html; charset=UTF-8"; + public static final String DEFAULT_CONTENT_TYPE_HTML_UTF8 = EAAFConstants.CONTENTTYPE_HTML_UTF8; public static final String FILE_URI_PREFIX = "file:/"; - public static final String PREFIX_BASEID = Constants.URN_PREFIX_BASEID; - public static final String PREFIX_PBK = Constants.URN_PREFIX_BPK; + public static final String PREFIX_BASEID = EAAFConstants.URN_PREFIX_BASEID; + public static final String PREFIX_PBK = EAAFConstants.URN_PREFIX_BPK; public static final String PREFIX_HPI = Constants.URN_PREFIX_HPI; - public static final String PREFIX_CDID = Constants.URN_PREFIX_CDID + "+"; - public static final String PREFIX_WPBK = Constants.URN_PREFIX_WBPK + "+"; + public static final String PREFIX_CDID = EAAFConstants.URN_PREFIX_CDID; + public static final String PREFIX_WPBK = EAAFConstants.URN_PREFIX_WBPK; public static final String PREFIX_STORK = Constants.URN_PREFIX_STORK + "+"; - public static final String PREFIX_EIDAS = Constants.URN_PREFIX_EIDAS + "+"; + public static final String PREFIX_EIDAS = EAAFConstants.URN_PREFIX_EIDAS; public static final String IDENIFICATIONTYPE_FN = "FN"; @@ -76,8 +77,6 @@ public class MOAIDConstants { public static final List<String> ALLOWED_eIDAS_LOA; public static final List<String> JDBC_DRIVER_NEEDS_WORKAROUND; - public static final String UNIQUESESSIONIDENTIFIER = "uniqueSessionIdentifier"; - public static final String eIDAS_LOA_LOW = "http://eidas.europa.eu/LoA/low"; public static final String eIDAS_LOA_SUBSTANTIAL = "http://eidas.europa.eu/LoA/substantial"; public static final String eIDAS_LOA_HIGH = "http://eidas.europa.eu/LoA/high"; 
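Review bot: `PREFIX_CDID`, `PREFIX_WPBK` and `PREFIX_EIDAS` no longer append `"+"` after the switch to `EAAFConstants`, while `PREFIX_STORK` in the same group still does. Whether the `EAAFConstants.URN_PREFIX_*` values already end in `+` is not visible in this diff; if they do not, every prefix comparison or concatenation built on these constants changes silently, and these prefixes appear to be what identifies the sector of an online application (the IOAAuthParameters Javadoc refers to `urn:publicid:gv.at:cdid+` when deciding who may receive baseIDs). Please confirm the new values are byte-identical to the old ones and record that next to the constants, e.g. `// EAAFConstants prefixes already include the trailing '+'`.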
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java index 4dda4c736..a787cea00 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java @@ -29,35 +29,7 @@ public interface AuthConfiguration extends ConfigurationProvider{ public Map<String, String> getConfigurationWithPrefix(final String Prefix); public String getConfigurationWithKey(final String key); - - /** - * Get a configuration value from basic file based MOA-ID configuration - * - * @param key configuration key - * @return configuration value or null if it is not found - */ - public String getBasicMOAIDConfiguration(final String key); - - - /** - * Get a configuration value from basic file based MOA-ID configuration - * - * @param key configuration key - * @param defaultValue Default value if no value with this key is found - * @return configuration value - */ - public String getBasicMOAIDConfiguration(final String key, final String defaultValue); - - /** - * Get a set of configuration values from basic file based MOA-ID configuration that starts with this prefix - * <br><br> - * <b>Important:</b> The configuration values must be of type String! - * - * @param prefix Prefix of the configuration key - * @return Map<String, String> without prefix, but never null - */ - public Map<String, String> getBasicMOAIDConfigurationWithPrefix(final String prefix); - + public int getTransactionTimeOut(); public int getSSOCreatedTimeOut(); public int getSSOUpdatedTimeOut(); 
@@ -66,15 +38,13 @@ public interface AuthConfiguration extends ConfigurationProvider{ public List<String> getLegacyAllowedProtocols(); - public IOAAuthParameters getOnlineApplicationParameter(String oaURL); - public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException; public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException; public ConnectionParameterInterface getMoaSpConnectionParameter() throws ConfigurationException; - public ConnectionParameterInterface getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException; +// public ConnectionParameterInterface getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException; /** * Get parameters to connect the Online Mandate-Service (MIS) @@ -205,12 +175,4 @@ public interface AuthConfiguration extends ConfigurationProvider{ */ public String[] getRevocationMethodOrder(); - /** - * Get a boolean value from basic MOA-ID configuration file - * - * @param key Configuration key - * @param defaultValue Default result - * @return returns the value of the configuration key, or the default value if the key is not set - */ - public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue); } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java index e14f9c9ce..12b9517a6 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java 
@@ -22,11 +22,14 @@ */ package at.gv.egovernment.moa.id.commons.api; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; + /** * @author tlenz * */ -public interface ConfigurationProvider { +public interface ConfigurationProvider extends IConfiguration{ /** * The name of the system property which contains the file name of the @@ -54,14 +57,15 @@ public interface ConfigurationProvider { public static final String TRUST_MANAGER_REVOCATION_CHECKING = "TrustManager.RevocationChecking"; - public String getRootConfigFileDir(); - public String getDefaultChainingMode(); public String getTrustedCACertificates(); public boolean isTrustmanagerrevoationchecking(); + + public String getRootConfigFileDir() throws ConfigurationException; + /** * Get active Spring profiles from file based configuration * diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java index 1e1bfa94b..5df4a4163 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java @@ -22,11 +22,12 @@ */ package at.gv.egovernment.moa.id.commons.api; +import java.io.Serializable; import java.security.PrivateKey; import java.util.Collection; import java.util.List; -import java.util.Map; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; import at.gv.egovernment.moa.id.commons.api.data.CPEPS; import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; 
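Review bot: `getRootConfigFileDir()` is re-declared lower in ConfigurationProvider with a new checked `ConfigurationException` and no Javadoc, so implementers and callers cannot tell when it is thrown. Add a short Javadoc with `@return` and `@throws ConfigurationException` that states the condition (presumably a missing or unresolvable root directory; confirm against the implementation). Because the interface now also extends `IConfiguration`, it would help to say whether this method overlaps with an accessor inherited from there, which cannot be seen from this hunk.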
@@ -37,10 +38,7 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; * @author tlenz * */ -public interface IOAAuthParameters { - - public static final String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing"; - public static final String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission"; +public interface IOAAuthParameters extends ISPConfiguration{ public static final String THIRDBKU = "thirdBKU"; public static final String HANDYBKU = "handy"; @@ -53,20 +51,6 @@ public interface IOAAuthParameters { public static final String EIDAS = "eIDAS"; public static final String AUTHTYPE_OTHERS = "others"; - /** - * Get the full key/value configuration for this online application - * - * @return an unmodifiable map of key/value pairs - */ - public Map<String, String> getFullConfiguration(); - - /** - * Get a configuration value from online application key/value configuration - * - * @param key: The key identifier of a configuration value * - * @return The configuration value {String} or null if the key does not exist - */ - public String getConfigurationValue(String key); public String getFriendlyName(); @@ -80,9 +64,9 @@ public interface IOAAuthParameters { * 'urn:publicid:gv.at:cdid+' is allowed to receive baseIDs * * @return true if there is a restriction, otherwise false - * @throws ConfigurationException In case of online-application configuration has public and private identifies */ - public boolean hasBaseIdInternalProcessingRestriction() throws ConfigurationException; + @Override + public boolean hasBaseIdInternalProcessingRestriction(); /** 
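Review bot: `hasBaseIdInternalProcessingRestriction()` loses both `throws ConfigurationException` and the `@throws` line that covered a configuration with both public and private identifiers, and the remaining Javadoc does not say what the method returns in that case. Because the result gates whether a baseID may be processed, the inconsistent case should resolve to the restrictive answer and the contract should say so, e.g. `@return true if there is a restriction or the configuration is inconsistent, otherwise false` (assuming that is what the implementation does, which this diff does not show). The same applies to `hasBaseIdTransferRestriction()` in the following hunk. The interface body continues outside this hunk.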
@@ -93,21 +77,11 @@ public interface IOAAuthParameters { * 'urn:publicid:gv.at:cdid+' is allowed to receive baseIDs * * @return true if there is a restriction, otherwise false - * @throws ConfigurationException In case of online-application configuration has public and private identifies */ - public boolean hasBaseIdTransferRestriction() throws ConfigurationException; - - - /** - * Get the full area-identifier for this online application to calculate the - * area-specific unique person identifier (bPK, wbPK, eIDAS unique identifier, ...). - * This identifier always contains the full prefix - * - * @return area identifier with prefix - * @throws ConfigurationException In case of online-application configuration has public and private identifies - */ - public String getAreaSpecificTargetIdentifier() throws ConfigurationException; + @Override + public boolean hasBaseIdTransferRestriction(); + /** * Get a friendly name for the specific area-identifier of this online application * @@ -254,4 +228,11 @@ public interface IOAAuthParameters { public List<Integer> getReversionsLoggingEventCodes(); + /** + * Get a List of sectors for that this service provider requires foreign bPKs + * + * @return list of sectors, or null if no sectors are defined + */ + public List<String> foreignbPKSectorsRequested(); + }
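Review bot: `foreignbPKSectorsRequested()` is documented to return `null` when no sectors are defined, which forces a null check on every caller that iterates the result. An empty list is the safer contract; the Javadoc would then read `@return list of sectors, never null; empty if no sectors are defined`. The name also departs from the `get…` form of the neighbouring `getReversionsLoggingEventCodes()`; `getForeignbPKSectorsRequested()` would be consistent.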
\ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java
deleted file mode 100644
index 88cd89319..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java
+++ /dev/null
@@ -1,221 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.commons.api; - -import java.util.Collection; - -import org.opensaml.saml2.metadata.provider.MetadataProvider; - -import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; -import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; - -public interface IRequest { - - /** - * Indicates the module, which implements this authentication protocol. - * The class, which is referenced, had to implement the 'IModulInfo' interface. 
- * - * @return Full-qualified name of the class which implements this protocol - */ - public String requestedModule(); - - /** - * Indicates the protocol specific action, which should executed if the request is processed. - * The class, which is referenced, had to implement the 'IAction' interface. - * - * @return Full-qualified name of the class which implements the action - */ - public String requestedAction(); - - /** - * Unique identifier, which indicates the service provider. - * In case of SAML1 protocol, it is the OA http-GET parameter - * - * @return Unique identifier for the service provider - */ - public String getOAURL(); - - /** - * Indicates the passive flag in authentication requests. - * If the passive flag is set, the identification and authentication process - * failed if no active SSO session is found. - * - * @return true, if the is passive flag is set in authentication request, otherwise false - */ - public boolean isPassiv(); - - /** - * Indicates the force authentication flag in authentication request - * If this flag is set, a new identification and authentication process - * is carried out in any case. 
- * - * @return true, if the force authentication flag is set, otherwise false - */ - public boolean forceAuth(); - - - /** - * Returns a generic request-data object with is stored with a specific identifier - * - * @param key The specific identifier of the request-data object - * @return The request-data object or null if no data is found with this key - */ - public Object getGenericData(String key); - - /** - * Returns a generic request-data object with is stored with a specific identifier - * - * @param key The specific identifier of the request-data object - * @param clazz The class type which is stored with this key - * @return The request-data object or null if no data is found with this key - */ - public <T> T getGenericData(String key, final Class<T> clazz); - - /** - * Store a generic data-object to request with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface - * @throws SessionDataStorageException Error message if the data-object can not stored to generic request-data storage - */ - public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException; - - /** - * Hold the identifier of this request object. 
- * This identifier can be used to load the request from request storage - * - * @return Request identifier - */ - public String getRequestID(); - - - /** - * Hold the identifier of the SSO MOASession which is associated with this request - * - * @return SSO MOASession identifier if a associated session exists, otherwise null - */ - public String getInternalSSOSessionIdentifier(); - - - /** - * Hold the MOASession object of a pending request - * This MOASession object is NOT stored to AuthenticationSession database, because it is only part of the pending request - * - * @return {@link IAuthenticationSession} AuthenticationSession data object of this pending request - */ - public IAuthenticationSession getMOASession(); - - - /** - * Populate the MOASession object of a pending request with information from an SSO session database - * - * @param ssoSession - */ - public void populateMOASessionWithSSOInformation(IAuthenticationSession ssoSession); - - /** - * Holds a unique transaction identifier, which could be used for looging - * This transaction identifier is unique for a single identification and authentication process - * - * @return Unique transaction identifier. - */ - public String getUniqueTransactionIdentifier(); - - /** - * Holds a unique session identifier, which could be used for logging - * This session identifier is unique for the full Single Sign-On session time - * - * @return Unique session identifier - */ - public String getUniqueSessionIdentifier(); - - - /** - * Hold the identifier if the process instance, which is associated with this request - * - * @return ProcessInstanceID if this request is associated with a authentication process, otherwise null - */ - public String getProcessInstanceId(); - - - /** - * get the IDP URL PreFix, which was used for authentication request - * - * @return IDP URL PreFix <String>. 
The URL prefix always ends without / - */ - public String getAuthURL(); - public String getAuthURLWithOutSlash(); - - /** - * Indicates if this pending request needs authentication - * - * @return true if this request needs authentication, otherwise false - */ - public boolean isNeedAuthentication(); - - /** - * Indicates, if this pending request needs Single Sign-On (SSO) functionality - * - * @return true if this request needs SSO, otherwise false - */ - public boolean needSingleSignOnFunctionality(); - public void setNeedSingleSignOnFunctionality(boolean needSSO); - - /** - * Indicates, if this pending request is already authenticated - * - * @return true if this request is already authenticated, otherwise false - */ - public boolean isAuthenticated(); - public void setAuthenticated(boolean isAuthenticated); - - /** - * Get get Service-Provider configuration which is associated with this request. - * - * @return Service-Provider configuration - */ - public IOAAuthParameters getOnlineApplicationConfiguration(); - - /** - * Indicates, if this pending-request is aborted by the user - * - * @return true, if it is aborted, otherwise false - */ - public boolean isAbortedByUser(); - - /** - * Set the 'isAboredByUser' flag of this pending-request - * - * @param b true, if the user has abort the authentication process, otherwise false - */ - public void setAbortedByUser(boolean isAborted); - - /** - * This method get a Set of PVP 2.1 attribute, which are request by this pending-request. - * @param metadataProvider SAML2 Metadata Provider, or null if no metadata provider is required - * - * @return A set of PVP attribute names or null if no attributes are requested - * or the Service Provider, which sends this request needs no attributes - */ - public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider); -} 
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
index db413b0f5..31a0573b6 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
@@ -22,40 +22,25 @@ */ package at.gv.egovernment.moa.id.commons.api.data; +import at.gv.egiz.eaaf.core.api.idp.EAAFAuthProcessDataConstants; + /** * @author tlenz * */ -public interface AuthProzessDataConstants { - - public static final String GENERIC_PREFIX = "generic_"; +public interface AuthProzessDataConstants extends EAAFAuthProcessDataConstants { - - public static final String FLAG_IS_FOREIGNER = "direct_flagIsForeigner"; - public static final String FLAG_USE_MANDATE = "direct_flagUseMandate"; - public static final String FLAG_IS_ORGANWALTER = "direct_flagOrganwalter"; - public static final String FLAG_IS_AUTHENTICATED = "direct_flagIsAuth"; public static final String FLAG_SAMLATTRIBUTEGEBEORWBPK = "direct_SAMLAttributeGebeORwbpk"; - - public static final String VALUE_CREATED = "direct_created"; - public static final String VALUE_ISSUEINSTANT = "direct_issueInstant"; - public static final String VALUE_SESSIONID = "direct_sessionId"; public static final String VALUE_SIGNER_CERT = "direct_signerCert"; public static final String VALUE_IDENTITYLINK = "direct_idl"; public static final String VALUE_BKUURL = "direct_bkuUrl"; public static final String VALUE_AUTHBLOCK = "direct_authBlock"; public static final String VALUE_AUTNBLOCKTOKKEN = "direct_authblocktokken"; - public static final String VALUE_QAALEVEL = "direct_qaaLevel"; - public static final String VALUE_VERIFYSIGRESP = "direct_verifySigResp"; - + public static final String VALUE_VERIFYSIGRESP = "direct_verifySigResp"; public static final String VALUE_MISSESSIONID = "direct_MIS_SessionId"; public static final String VALUE_MISREFVALUE = "direct_MIS_RefValue"; - public static final String VALUE_MISMANDATE = "direct_MIS_Mandate"; - - - @Deprecated public static final String VALUE_EXTENTEDSAMLATTRAUTH = "direct_extSamlAttrAuth"; 
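Review bot: The keys removed here (`FLAG_IS_AUTHENTICATED`, `VALUE_SESSIONID`, `VALUE_QAALEVEL` and others) are presumably now inherited from `EAAFAuthProcessDataConstants`, but nothing in this hunk shows that the inherited constants keep the same string values, such as `"direct_flagIsAuth"`. If a value differs, session data written before the upgrade is looked up under a different key and flags like the authenticated state read as absent. A one-line comment on the interface stating that the inherited keys are value-compatible, or a sentence in the commit message that stored sessions must be discarded on upgrade, would settle it.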
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java index cb81fe79e..5fec08053 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java @@ -34,8 +34,8 @@ import java.security.UnrecoverableKeyException; import org.apache.commons.lang3.SerializationUtils; +import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.KeyStoreUtils; /** diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java index 8bffceaed..1d54af7c8 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java @@ -22,22 +22,17 @@ */ package at.gv.egovernment.moa.id.commons.api.data; -import java.util.Date; import java.util.List; import java.util.Map; -import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; import iaik.x509.X509Certificate; /** * @author tlenz * */ -public interface IAuthenticationSession { - - boolean isAuthenticated(); - - void setAuthenticated(boolean authenticated); +public interface IAuthenticationSession extends IAuthProcessDataContainer { X509Certificate getSignerCertificate(); 
@@ -46,34 +41,20 @@ public interface IAuthenticationSession { void setSignerCertificate(X509Certificate signerCertificate); /** - * Returns the identityLink. - * - * @return IdentityLink - */ - IIdentityLink getIdentityLink(); - - /** * Returns the sessionID. * * @return String */ - String getSessionID(); - - /** - * Sets the identityLink. - * - * @param identityLink - * The identityLink to set - */ - void setIdentityLink(IIdentityLink identityLink); + String getSSOSessionID(); + /** * Sets the sessionID. * * @param sessionId * The sessionID to set */ - void setSessionID(String sessionId); + void setSSOSessionID(String sessionId); /** * Returns the BKU URL. @@ -158,20 +139,6 @@ public interface IAuthenticationSession { */ void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk); - /** - * Returns the issuing time of the AUTH-Block SAML assertion. - * - * @return The issuing time of the AUTH-Block SAML assertion. - */ - String getIssueInstant(); - - /** - * Sets the issuing time of the AUTH-Block SAML assertion. - * - * @param issueInstant - * The issueInstant to set. - */ - void setIssueInstant(String issueInstant); /** * @@ -180,13 +147,6 @@ public interface IAuthenticationSession { */ void setUseMandate(String useMandate); - void setUseMandates(boolean useMandates); - - /** - * @return - */ - boolean isMandateUsed(); - /** * * @param misSessionID @@ -212,9 +172,6 @@ public interface IAuthenticationSession { */ void setMandateReferenceValue(String mandateReferenceValue); - boolean isForeigner(); - - void setForeigner(boolean isForeigner); IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse(); @@ -225,17 +182,6 @@ public interface IAuthenticationSession { void setMISMandate(IMISMandate mandate); /** - * @return the isOW - */ - boolean isOW(); - - /** - * @param isOW - * the isOW to set - */ - void setOW(boolean isOW); - - /** * @return the authBlockTokken */ String getAuthBlockTokken(); 
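Review bot: The Javadoc above the renamed `getSSOSessionID()` and `setSSOSessionID(String)` still reads "Returns the sessionID." and "Sets the sessionID.", so it no longer says which identifier is meant. Update both to name the SSO session, e.g. `Returns the identifier of the SSO session.` and `@param sessionId the SSO session identifier to set`. If the newly inherited `IAuthProcessDataContainer` exposes a session identifier of its own, say how the two differ; that cannot be seen from this hunk.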
@@ -246,51 +192,12 @@ public interface IAuthenticationSession { */ void setAuthBlockTokken(String authBlockTokken); + /** - * eIDAS QAA level + * Generates a Key / Value representation from Authenticated session * - * @return the qAALevel + * @return A read-only version of all session information */ - String getQAALevel(); - - /** - * set QAA level in eIDAS form - * - * @param qAALevel the qAALevel to set - */ - void setQAALevel(String qAALevel); - - /** - * @return the sessionCreated - */ - Date getSessionCreated(); - - Map<String, Object> getGenericSessionDataStorage(); - - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @return The session-data object or null if no data is found with this key - */ - Object getGenericDataFromSession(String key); - - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @param clazz The class type which is stored with this key - * @return The session-data object or null if no data is found with this key - */ - <T> T getGenericDataFromSession(String key, Class<T> clazz); - - /** - * Store a generic data-object to session with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface - * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage - */ - void setGenericDataToSession(String key, Object object) throws SessionDataStorageException; - + public Map<String, Object> getKeyValueRepresentationFromAuthSession(); + }
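Review bot: `getKeyValueRepresentationFromAuthSession()` promises "a read-only version of all session information", but the return type `Map<String, Object>` cannot enforce that and the Javadoc does not say whether the map is a copy or a live view. State the contract for implementers, e.g. `@return an unmodifiable snapshot of the session data; never null`. Given the other accessors on this interface (signer certificate, AUTH-Block, MIS mandate), the map will likely carry personal identity data, so the Javadoc should also tell callers not to log it wholesale. The explicit `public` is redundant on an interface method and differs from the unmodified declarations around it.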
\ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java
deleted file mode 100644
index 3a0ccd7c9..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java
+++ /dev/null
@@ -1,175 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.commons.api.data; - -import java.io.IOException; -import java.security.PublicKey; - -import javax.xml.transform.TransformerException; - -import org.w3c.dom.Element; - -/** - * @author tlenz - * - */ -public interface IIdentityLink { - - /** - * Returns the dateOfBirth. - * @return Calendar - */ - String getDateOfBirth(); - - /** - * Returns the familyName. - * @return String - */ - String getFamilyName(); - - /** - * Returns the givenName. - * @return String - */ - String getGivenName(); - - /** - * Returns the name. - * @return The name. - */ - String getName(); - - /** - * Returns the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. - * @return String - */ - String getIdentificationValue(); - - /** - * Returns the identificationType. 
- * <code>"identificationType"</code> type of the identificationValue in the IdentityLink. - * @return String - */ - String getIdentificationType(); - - /** - * Sets the dateOfBirth. - * @param dateOfBirth The dateOfBirth to set - */ - void setDateOfBirth(String dateOfBirth); - - /** - * Sets the familyName. - * @param familyName The familyName to set - */ - void setFamilyName(String familyName); - - /** - * Sets the givenName. - * @param givenName The givenName to set - */ - void setGivenName(String givenName); - - /** - * Sets the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. - * @param identificationValue The identificationValue to set - */ - void setIdentificationValue(String identificationValue); - - /** - * Sets the Type of the identificationValue. - * @param identificationType The type of identificationValue to set - */ - void setIdentificationType(String identificationType); - - /** - * Returns the samlAssertion. - * @return Element - */ - Element getSamlAssertion(); - - /** - * Returns the samlAssertion. - * @return Element - */ - String getSerializedSamlAssertion(); - - /** - * Sets the samlAssertion and the serializedSamlAssertion. - * @param samlAssertion The samlAssertion to set - */ - void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException; - - /** - * Returns the dsigReferenceTransforms. - * @return Element[] - */ - Element[] getDsigReferenceTransforms(); - - /** - * Sets the dsigReferenceTransforms. - * @param dsigReferenceTransforms The dsigReferenceTransforms to set - */ - void setDsigReferenceTransforms(Element[] dsigReferenceTransforms); - - /** - * Returns the publicKey. - * @return PublicKey[] - */ - PublicKey[] getPublicKey(); - - /** - * Sets the publicKey. - * @param publicKey The publicKey to set - */ - void setPublicKey(PublicKey[] publicKey); - - /** - * Returns the prPerson. 
- * @return Element - */ - Element getPrPerson(); - - /** - * Sets the prPerson. - * @param prPerson The prPerson to set - */ - void setPrPerson(Element prPerson); - - /** - * Returns the issuing time of the identity link SAML assertion. - * - * @return The issuing time of the identity link SAML assertion. - */ - String getIssueInstant(); - - /** - * Sets the issuing time of the identity link SAML assertion. - * - * @param issueInstant The issueInstant to set. - */ - void setIssueInstant(String issueInstant); - -}
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/BKUException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/BKUException.java new file mode 100644 index 000000000..73617fb35 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/BKUException.java 
@@ -0,0 +1,57 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+package at.gv.egovernment.moa.id.commons.api.exceptions;
+
+public class BKUException extends MOAIDException {
+
+ private static final long serialVersionUID = -4646544256490397419L;
+
+ private String bkuErrorCode;
+ private String bkuErrorMessage;
+
+ public BKUException(String messageId, Object[] parameters,
+ String bkuErrorCode, String bkuErrorMessage) {
+ super(messageId, parameters);
+
+ this.bkuErrorCode = bkuErrorCode;
+ this.bkuErrorMessage = bkuErrorMessage;
+ }
+
+
+ /**
+ * @return the bkuErrorCode
+ */
+ public String getBkuErrorCode() {
+ return bkuErrorCode;
+ }
+
+
+ /**
+ * @return the bkuErrorMessage
+ */
+ public String getBkuErrorMessage() {
+ return bkuErrorMessage;
+ }
+
+
+}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MISSimpleClientException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MISSimpleClientException.java
new file mode 100644
index 000000000..b8c78ab5c
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MISSimpleClientException.java
@@ -0,0 +1,90 @@
+package at.gv.egovernment.moa.id.commons.api.exceptions;
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+public class MISSimpleClientException extends MOAIDException {
+
+ private static final long serialVersionUID = 1L;
+
+ private String misErrorCode;
+ private String misErrorMessage;
+
+ public MISSimpleClientException() {
+ super("UNDEFINED ERROR", null);
+ }
+
+ public MISSimpleClientException(String message) {
+ super(message, null);
+ }
+
+ public MISSimpleClientException(String message, String code, String text) {
+ super(message, new Object[] { code , text });
+ this.misErrorMessage = text;
+ this.misErrorCode = code;
+ }
+
+ public MISSimpleClientException(String message, Throwable cause) {
+ super(message, null, cause);
+ }
+
+ public MISSimpleClientException(String message, Object[] params, Throwable cause) {
+ super(message, params, cause);
+ }
+
+ /**
+ * @return the bkuErrorCode
+ */
+ public String getMISErrorCode() {
+ return misErrorCode;
+ }
+
+
+ /**
+ * @return the bkuErrorMessage
+ */
+ public String getMISErrorMessage() {
+ return misErrorMessage;
+ }
+}
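Review bot: The Javadoc on `getMISErrorCode()` and `getMISErrorMessage()` still reads `@return the bkuErrorCode` and `@return the bkuErrorMessage`, apparently carried over from BKUException; it should be `@return the error code reported by MIS, or null if this exception was created without one`, with the equivalent wording for the message. Only the three-argument constructor assigns `misErrorCode` and `misErrorMessage`, so the getters return null for the other four constructors, which is why the null case belongs in the comment. The `package` line sits above two copies of the licence header (2014 and 2003); a single header placed before the `package` declaration would match BKUException. `code` and `text` presumably originate from the remote MIS response and are also passed as message parameters, so whatever renders the resulting message should treat them as untrusted input.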
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java index 6841be92b..b5ae04c4e 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java @@ -49,7 +49,7 @@ package at.gv.egovernment.moa.id.commons.api.exceptions; import java.io.PrintStream; import java.io.PrintWriter; -import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; /** * Base class of technical MOA exceptions. @@ -60,17 +60,17 @@ import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; * @author Patrick Peck, Ivancsics Paul * @version $Id$ */ -public class MOAIDException extends Exception { +public class MOAIDException extends EAAFException { /** * */ private static final long serialVersionUID = -1507246171708083912L; -/** message ID */ - private String messageId; - /** wrapped exception */ - private Throwable wrapped; + /** message ID */ + private String messageId; + /** wrapped exception */ + private Throwable wrapped; - private Object[] parameters; + private Object[] parameters; /** * Create a new <code>MOAIDException</code>. @@ -80,7 +80,7 @@ public class MOAIDException extends Exception { * @param parameters Additional message parameters. */ public MOAIDException(String messageId, Object[] parameters) { - super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); + super(messageId, parameters); this.messageId = messageId; this.parameters = parameters; } 
@@ -99,7 +99,7 @@ public class MOAIDException extends Exception { Object[] parameters, Throwable wrapped) { - super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); + super(messageId, parameters, wrapped); this.messageId = messageId; this.wrapped = wrapped; this.parameters = parameters; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java index 93f26051c..4555f61d2 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java @@ -32,6 +32,9 @@ import java.util.Iterator; import java.util.List; import java.util.Map; +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral; @@ -82,7 +85,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TimeOuts; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoType; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink; -import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.validation.TargetValidator; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; 
@@ -174,13 +176,32 @@ public class ConfigurationMigrationUtils { } } + if (MiscUtil.isNotEmpty(oa.getForeignbPKTargetList())) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN, oa.getForeignbPKTargetList()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN, StringUtils.EMPTY); + + //convert selected SZR-GW service if (MiscUtil.isNotEmpty(oa.getSelectedSZRGWServiceURL())) - result.put(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL, oa.getSelectedSZRGWServiceURL()); + result.put(MOAIDConfigurationConstants.SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL, oa.getSelectedSZRGWServiceURL()); AuthComponentOA oaauth = oa.getAuthComponentOA(); if (oaauth != null) { + //convert SL20 infos + if (oaauth.isSl20Active() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED, oaauth.isSl20Active().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED, Boolean.FALSE.toString()); + + if (MiscUtil.isNotEmpty(oaauth.getSl20EndPoints())) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, oaauth.getSl20EndPoints()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, StringUtils.EMPTY); + + + //convert business identifier IdentificationNumber idnumber = oaauth.getIdentificationNumber(); if (idnumber != null) { 
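Review bot: The key written in this hunk is now `SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL`, but the value still comes from `oa.getSelectedSZRGWServiceURL()` under the unchanged comment `//convert selected SZR-GW service`, and the constant in MOAIDConfigurationConstants keeps the value `"modules.szrgw.service.url"`. If the key string is kept on purpose so that stored configurations stay readable, say so at the definition, e.g. `// key string keeps 'szrgw' for compatibility with existing configurations`, and change the comment here to name the central eIDAS node. The same mismatch appears in the reverse conversion (`dbOA.setSelectedSZRGWServiceURL(...)`), in both hunks that use `GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL`, and in the two constant definitions. The enclosing method starts and ends outside the hunk.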
@@ -770,7 +791,17 @@ public class ConfigurationMigrationUtils { } - dbOA.setSelectedSZRGWServiceURL(oa.get(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL)); + //set SL20 things + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) + authoa.setSl20Active(Boolean.valueOf(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))); + else + authoa.setSl20Active(false); + + authoa.setSl20EndPoints(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS)); + + + + dbOA.setSelectedSZRGWServiceURL(oa.get(MOAIDConfigurationConstants.SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL)); dbOA.setMandateServiceSelectionTemplateURL(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_ELGAMANDATESERVICESELECTION_URL)); dbOA.setSaml2PostBindingTemplateURL(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SAML2POSTBINDING_URL)); @@ -826,6 +857,9 @@ public class ConfigurationMigrationUtils { } } + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN))) + dbOA.setForeignbPKTargetList(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN)); + //store BKU-URLs BKUURLS bkuruls = new BKUURLS(); authoa.setBKUURLS(bkuruls); @@ -1220,7 +1254,7 @@ public class ConfigurationMigrationUtils { if (foreign != null) { ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter(); if (connect_foreign != null) { - result.put(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL, + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL, connect_foreign.getURL()); } } 
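Review bot: The reverse conversion handles the three new values inconsistently: `authoa.setSl20EndPoints(oa.get(...SERVICE_AUTH_SL20_ENDPOINTS))` is written unconditionally, while `setSl20Active` and `setForeignbPKTargetList` are guarded by `MiscUtil.isNotEmpty`. Because the forward conversion stores `StringUtils.EMPTY` when no endpoints are configured, an unset value turns into an empty string after one round trip, whereas an unset foreign target stays null. I would guard the endpoint assignment the same way, `if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS))) authoa.setSl20EndPoints(...)`, or document that an empty string means "no endpoints". Since this flag switches an authentication method on or off, a short comment that `Boolean.valueOf` maps every value other than "true" to disabled would make the fail-closed behaviour explicit. The enclosing method starts and ends outside the hunks.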
@@ -1738,13 +1772,13 @@ public class ConfigurationMigrationUtils { dbauth.setForeignIdentities(dbforeign); } - if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL))) { + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL))) { ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); if (forcon == null) { forcon = new ConnectionParameterClientAuthType(); dbforeign.setConnectionParameter(forcon); } - forcon.setURL(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL)); + forcon.setURL(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL)); } ForeignIdentities foreign = dbauth.getForeignIdentities(); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java index 695df3123..a6315fe2c 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java @@ -1,5 +1,6 @@ package at.gv.egovernment.moa.id.commons.config; +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; import at.gv.egovernment.moa.id.commons.MOAIDConstants; /** 
@@ -33,7 +34,8 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants { public static final String PREFIX_MOAID_SERVICES_GATEWAY = PREFIX_MOAID_SERVICES + "." + PREFIX_GATEWAY; //Namespaces for online applications - public static final String SERVICE_UNIQUEIDENTIFIER = "uniqueID"; //publicURLPrefix + public static final String SERVICE_UNIQUEIDENTIFIER + = EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER; //publicURLPrefix public static final String SERVICE_FRIENDLYNAME = "friendlyName"; //friendlyName public static final String SERVICE_BUSINESSSERVICE = "businessservice"; //type public static final String SERVICE_ISACTIVE = "isActive"; //isActive @@ -61,6 +63,8 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants { private static final String SERVICE_AUTH_TARGET_BUSINESS = SERVICE_AUTH_TARGET + ".business"; public static final String SERVICE_AUTH_TARGET_BUSINESS_TYPE = SERVICE_AUTH_TARGET_BUSINESS + ".type"; public static final String SERVICE_AUTH_TARGET_BUSINESS_VALUE = SERVICE_AUTH_TARGET_BUSINESS + ".value"; + public static final String SERVICE_AUTH_TARGET_FOREIGN = SERVICE_AUTH_TARGET + ".foreign"; + public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET = SERVICE_AUTH_TARGET_PUBLIC + ".target"; public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB = SERVICE_AUTH_TARGET_PUBLIC + ".target.sub"; 
@@ -82,6 +86,9 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants { public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = AUTH + ".authblock.additionaltext"; public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = AUTH + ".authblock.removebPK"; + public static final String SERVICE_AUTH_SL20_ENABLED = AUTH + ".sl20.enabled"; + public static final String SERVICE_AUTH_SL20_ENDPOINTS = AUTH + ".sl20.endpoints"; + private static final String SERVICE_AUTH_TEMPLATES = AUTH + "." + TEMPLATES; public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA = SERVICE_AUTH_TEMPLATES + ".bkuselection.data"; public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW = SERVICE_AUTH_TEMPLATES + ".bkuselection.preview"; @@ -188,7 +195,7 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants { public static final String SERVICE_EXTERNAL_ELGA_MANDATE_SERVICE_URL = ELGA_MANDATE_SERVICE_URL; public static final String SERVICE_EXTERNAL_MIS_SERVICE_URL = "modules.mis.service.url"; - public static final String SERVICE_EXTERNAL_SZRGW_SERVICE_URL = "modules.szrgw.service.url"; + public static final String SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL = "modules.szrgw.service.url"; //Namespaces for general MOA-ID config public static final String GENERAL_PUBLICURLPREFIX = PREFIX_MOAID_GENERAL + ".publicURLPrefix"; 
@@ -222,7 +229,7 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants { public static final String GENERAL_AUTH_MOASP_URL = GENERAL_AUTH + ".moasp.url"; public static final String GENERAL_AUTH_SERVICES_OVS_URL = GENERAL_AUTH + ".services.ovs.url"; - public static final String GENERAL_AUTH_SERVICES_SZRGW_URL = GENERAL_AUTH + ".services.szrgw.url"; + public static final String GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL = GENERAL_AUTH + ".services.szrgw.url"; public static final String GENERAL_AUTH_SERVICES_HVB_URL = GENERAL_AUTH + ".services.hvb.url"; public static final String GENERAL_AUTH_SERVICES_ELGA_MANDATE_SERVICE_URL = PREFIX_MOAID_GENERAL + "." + ELGA_MANDATE_SERVICE_URL; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java index 4944813ad..6ef7a00cd 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java @@ -14,11 +14,11 @@ import org.springframework.transaction.annotation.Transactional; import at.gv.egiz.components.configuration.api.Configuration; import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.AbstractConfigProperty; //import at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty; import at.gv.egovernment.moa.id.commons.db.dao.config.DatabaseConfigPropertyImpl; -import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.logging.Logger; /** 
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java index 3928cf8c0..cada51b9a 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java @@ -9,11 +9,11 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.transaction.annotation.Transactional; import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; -import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.logging.Logger; /** 
@@ -84,13 +84,13 @@ public class NewConfigurationDBRead { String hjID = KeyValueUtils.getFirstChildAfterPrefix(oaKeyId, KeyValueUtils.getParentKey(oaKeyId)); //TODO: work-around for old configTool and new key/value configuration //see BasicOAAction.java line 493 - if (serviceType.equals(MOAIDConfigurationConstants.PREFIX_GATEWAY)) - jaxBOA.setHjid(Long.valueOf(hjID) + 1000000); - else if (serviceType.equals(MOAIDConfigurationConstants.PREFIX_IIDP)) - jaxBOA.setHjid(Long.valueOf(hjID) + 2000000); - else if (serviceType.equals(MOAIDConfigurationConstants.PREFIX_VIDP)) - jaxBOA.setHjid(Long.valueOf(hjID) + 3000000); - else +// if (serviceType.equals(MOAIDConfigurationConstants.PREFIX_GATEWAY)) +// jaxBOA.setHjid(Long.valueOf(hjID) + 1000000); +// else if (serviceType.equals(MOAIDConfigurationConstants.PREFIX_IIDP)) +// jaxBOA.setHjid(Long.valueOf(hjID) + 2000000); +// else if (serviceType.equals(MOAIDConfigurationConstants.PREFIX_VIDP)) +// jaxBOA.setHjid(Long.valueOf(hjID) + 3000000); +// else jaxBOA.setHjid(Long.valueOf(hjID)); Logger.debug("Transformation finished with JaxB hjID: " + hjID); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java index 04efb0afe..852df16e6 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java 
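Review bot: In NewConfigurationDBRead, `jaxBOA.setHjid(Long.valueOf(hjID))` now runs for every service type with no guard, although `hjID` comes from `KeyValueUtils.getFirstChildAfterPrefix`, which returned null for a non-matching key in the local implementation this commit deletes; a null or non-numeric value then surfaces as an uncaught NumberFormatException. A check before the conversion that logs the offending `oaKeyId` and skips the entry would make a malformed configuration key fail visibly instead. With the per-type offsets disabled, gateway, IIDP and VIDP entries can presumably receive the same hjid as an online application with the same numeric suffix; if that is intended, delete the commented-out branch and the TODO instead of keeping them, and re-indent the remaining statement, which still looks like the body of the removed `else`. The enclosing method starts and ends outside the hunk.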
@@ -11,23 +11,17 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated; import java.io.Serializable; import java.util.ArrayList; import java.util.List; + import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.Inheritance; -import javax.persistence.InheritanceType; -import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; import javax.persistence.OneToMany; -import javax.persistence.Table; import javax.xml.bind.annotation.XmlAccessType; import javax.xml.bind.annotation.XmlAccessorType; import javax.xml.bind.annotation.XmlAttribute; import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlTransient; import javax.xml.bind.annotation.XmlType; + import org.jvnet.jaxb2_commons.lang.Equals; import org.jvnet.jaxb2_commons.lang.EqualsStrategy; import org.jvnet.jaxb2_commons.lang.HashCode; @@ -162,6 +156,13 @@ public class AuthComponentOA @XmlAttribute(name = "Hjid") protected Long hjid; + + @XmlTransient + protected Boolean sl20Active; + @XmlTransient + protected String sl20EndPoints; + + /** * Gets the value of the bkuurls property. * @@ -522,11 +523,28 @@ public class AuthComponentOA + public Long getHjid() { return hjid; } - /** + public Boolean isSl20Active() { + return sl20Active; + } + + public void setSl20Active(Boolean sl20Active) { + this.sl20Active = sl20Active; + } + + public String getSl20EndPoints() { + return sl20EndPoints; + } + + public void setSl20EndPoints(String sl20EndPoints) { + this.sl20EndPoints = sl20EndPoints; + } + + /** * Sets the value of the hjid property. * * @param value 
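Review bot: The new `sl20Active` and `sl20EndPoints` accessors in AuthComponentOA carry no Javadoc although the surrounding properties do, and `isSl20Active()` returns a nullable `Boolean` that callers have to null-check, as ConfigurationMigrationUtils does. I would add `@return TRUE if SL20 is enabled for this application, or null if the value was never set` to the getter and describe the expected format of `sl20EndPoints`, which is not visible in this diff. A `Boolean` wrapper property is conventionally exposed as `getSl20Active()`, because the `is` prefix is only recognised for primitive `boolean`; with `@XmlTransient` that probably has no effect on JAXB, but it can matter to other bean-based tooling. The accessors are also inserted between `getHjid()` and `setHjid()`, which splits that pair.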
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java index 196923ce6..e37873a72 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java @@ -115,10 +115,20 @@ public class OnlineApplication @XmlTransient protected String mandateServiceSelectionTemplateURL = null; + @XmlTransient + protected String foreignbPKTargetList = null; + - - /** + public String getForeignbPKTargetList() { + return foreignbPKTargetList; + } + + public void setForeignbPKTargetList(String foreignbPKTargetList) { + this.foreignbPKTargetList = foreignbPKTargetList; + } + + /** * @return the saml2PostBindingTemplateURL */ public String getSaml2PostBindingTemplateURL() { diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java index b13f0ba5b..93db98cf9 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java @@ -103,6 +103,7 @@ public class AuthenticatedSessionStore implements Serializable{ private String additionalInformation; @Column(name = "additionalInformationBytes", nullable=true) + @Lob private byte[] additionalInformationBytes; @Column(name = "created", updatable=false, nullable=false) 
@@ -349,19 +350,56 @@ public class AuthenticatedSessionStore implements Serializable{ this.isInterfederatedSSOSession = isInterfederatedSSOSession; } - /** - * @return the additionalInformation - */ - public byte[] getAdditionalInformation() { + @Deprecated + public String getAdditionalInformation() { + return additionalInformation; + } + + @Deprecated + public void setAdditionalInformation(String additionalInformation) { + this.additionalInformation = additionalInformation; + } + + public byte[] getAdditionalInformationBytes() { return additionalInformationBytes; } - /** - * @param additionalInformation the additionalInformation to set - */ - public void setAdditionalInformation(byte[] additionalInformation) { - this.additionalInformationBytes = additionalInformation; + public void setAdditionalInformationBytes(byte[] additionalInformationBytes) { + this.additionalInformationBytes = additionalInformationBytes; } + +// /** +// * @return the additionalInformation +// */ +// @Deprecated +// public String getAdditionalInformation() { +// try { +// if (this.additionalInformationBytes != null) +// return new String(this.additionalInformationBytes, "UTF-8"); +// else +// return null; +// +// } catch (UnsupportedEncodingException e) { +// throw new RuntimeException("Something is very strange, because UTF-8 encoding IS NOT supported", e); +// +// } +// } + +// @Deprecated +// public void setAdditionalInformation(String additionalInformation) { +// try { +// if (StringUtils.isNotEmpty(additionalInformation)) +// this.additionalInformationBytes = additionalInformation.getBytes("UTF-8"); +// +// } catch (UnsupportedEncodingException e) { +// throw new RuntimeException("Something is very strange, because UTF-8 encoding IS NOT supported", e); +// +// } +// } + + + + 
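Review bot: `getAdditionalInformation()` changes its return type from `byte[]` to `String` and now reads the `additionalInformation` field instead of `additionalInformationBytes`, so existing callers either stop compiling or, after adaptation, read a different column than before. The two `@Deprecated` accessors need a Javadoc tag naming the replacement, e.g. `@deprecated use {@link #getAdditionalInformationBytes()} instead`, plus a sentence on which column is authoritative when both are populated, because stale session data left in the legacy column is easy to overlook during cleanup. The block of commented-out conversion code at the end of the hunk should be deleted rather than committed. The class body continues outside the hunk.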
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ex/MOADatabaseException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ex/MOADatabaseException.java index 46484879d..d2d411074 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ex/MOADatabaseException.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ex/MOADatabaseException.java @@ -22,13 +22,12 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.commons.db.ex; -public class MOADatabaseException extends Exception { +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; + +public class MOADatabaseException extends EAAFStorageException { private static final long serialVersionUID = 1L; - public MOADatabaseException() { - super(); - } public MOADatabaseException(String message, Throwable cause) { super(message, cause); @@ -38,7 +37,4 @@ public class MOADatabaseException extends Exception { super(message); } - public MOADatabaseException(Throwable cause) { - super(cause); - } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java deleted file mode 100644 index 40ef5a23a..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java +++ /dev/null 
@@ -1,341 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.commons.utils; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.Properties; -import java.util.Set; - -import org.apache.commons.lang3.StringUtils; - -import at.gv.egovernment.moa.util.MiscUtil; - -/** - * @author tlenz - * - */ -public class KeyValueUtils { - - public static final String KEY_DELIMITER = "."; - public static final String CSV_DELIMITER = ","; - - /** - * Convert Java properties into a Map<String, String> - * <br><br> - * <b>Important:</b> The key/values from properties must be of type String! 
- * - * @param properties - * @return - */ - public static Map<String, String> concertPropertiesToMap(Properties properties) { - return new HashMap<String, String>((Map) properties); - - //INFO Java8 solution ;) - // return properties.entrySet().stream().collect( -// Collectors.toMap( -// e -> e.getKey().toString(), -// e -> e.getValue().toString() -// ) -// ); - - } - - /** - * Extract the first child of an input key after a the prefix - * - * @param key Full input key - * @param prefix Prefix - * @return Child key {String} if it exists or null - */ - public static String getFirstChildAfterPrefix(String key, String prefix) { - String idAfterPrefix = removePrefixFromKey(key, prefix); - if (idAfterPrefix != null) { - int index = idAfterPrefix.indexOf(KEY_DELIMITER); - if (index > 0) { - String adding = idAfterPrefix.substring(0, index); - if (!(adding.isEmpty())) { - return adding; - - } - } else if (!(idAfterPrefix.isEmpty())) { - return idAfterPrefix; - - } - - } - return null; - } - - /** - * Extract the prefix from an input key - * - * @param key Full input key - * @param suffix Suffix of this key - * @return Prefix {String} of the key or null if input key does not ends with postfix string - */ - public static String getPrefixFromKey(String key, String suffix) { - if (key != null && key.endsWith(suffix)) { - String idPreforeSuffix = key.substring(0, key.length()-suffix.length()); - if (idPreforeSuffix.endsWith(KEY_DELIMITER)) - return idPreforeSuffix.substring(0, idPreforeSuffix.length()-1); - else - return idPreforeSuffix; - } - return null; - - } - - /** - * Remove a prefix string from a key - * - * @param key Full input key - * @param prefix Prefix, which should be removed - * @return The suffix of the input key or null if the input does not starts with the prefix - */ - public static String removePrefixFromKey(String key, String prefix) { - if (prefix == null) - prefix = new String(); - - if (key!=null && key.startsWith(prefix)) { - String afterPrefix = 
key.substring(prefix.length()); - int index = afterPrefix.indexOf(KEY_DELIMITER); - - if (index == 0) { - afterPrefix = afterPrefix.substring(1); - - } - return afterPrefix; - - } - return null; - } - - /** - * Remove a prefix string from all keys in {Map<String, String>} of key/value pairs - * - * @param keys Input data of key/value pairs - * @param prefix Prefix which should be removed - * @return {Map<String, String>} of key/value pairs without prefix in key, but never null - */ - public static Map<String, String> removePrefixFromKeys(Map<String, String> keys, String prefix) { - Map<String, String> result = new HashMap<String, String>(); - Iterator<Entry<String, String>> interator = keys.entrySet().iterator(); - while(interator.hasNext()) { - Entry<String, String> el = interator.next(); - String newKey = removePrefixFromKey(el.getKey(), prefix); - if (MiscUtil.isNotEmpty(newKey)) { - result.put(newKey, el.getValue()); - } - } - - return result; - } - - /** - * Get a subset of key/value pairs which starts with a prefix string - * The Prefix is removed from the key - * - * @param keys Input data of key/value pairs - * @param prefix Prefix string - * @return {Map<String, String>} of key/value pairs without prefix in key, but never null - */ - public static Map<String, String> getSubSetWithPrefix(Map<String, String> keys, String prefix) { - return removePrefixFromKeys(keys, prefix); - } - - - /** - * Add a prefix to key/value pairs to make the key absolute according to key namespace convention - * - * @param input Input key/value pairs which should be updated - * @param prefix Key prefix, which should be added if the key is not absolute - * @param absolutIdentifier Key identifier, which indicates an absolute key - * @return {Map<String, String>} of key/value pairs in which all keys are absolute but never null - */ - public static Map<String, String> makeKeysAbsolut(Map<String, String> input, String prefix, String absolutIdentifier) { - Map<String, String> result = 
new HashMap<String, String>(); - Iterator<Entry<String, String>> interator = input.entrySet().iterator(); - while(interator.hasNext()) { - Entry<String, String> el = interator.next(); - if (!el.getKey().startsWith(absolutIdentifier)) { - //key is not absolute -> add prefix - result.put(prefix - + KEY_DELIMITER - + el.getKey(), - el.getValue()); - - } else { - //key is absolute - result.put(el.getKey(), el.getValue()); - } - } - return result; - } - - /** - * Get the parent key string from an input key - * - * @param key input key - * @return parent key or the empty String if no parent exists - */ - public static String getParentKey(String key) { - if (MiscUtil.isNotEmpty(key)) { - int index = key.lastIndexOf(KEY_DELIMITER); - if (index > 0) { - return key.substring(0, index); - - } - } - - return new String(); - } - - /** - * Find the highest free list counter - * - * @param input Array of list keys - * @param listPrefix {String} prefix of the list - * @return {int} highest free list counter - */ - public static int findNextFreeListCounter(String[] input, - String listPrefix) { - List<Integer> counters = new ArrayList<Integer>(); - if (input == null || input.length == 0) - return 0; - - else { - for (String key : input) { - String listIndex = getFirstChildAfterPrefix(key, listPrefix); - counters.add(Integer.parseInt(listIndex)); - - } - Collections.sort(counters); - return counters.get(counters.size()-1) + 1; - } - } - - /** - * Find the highest free list counter - * - * @param keySet {Set<String>} of list keys - * @param listPrefix {String} prefix of the list - * @return {int} highest free list counter - */ - public static int findNextFreeListCounter(Set<String> keySet, - String listPrefix) { - if (keySet.isEmpty()) - return 0; - - String[] array = new String[keySet.size()]; - keySet.toArray(array); - return findNextFreeListCounter(array, listPrefix); - } - - - /** - * Normalize a CSV encoded list of value of an key/value pair - * - * This method removes all 
whitespace at the begin or the - * end of CSV values and remove newLine signs at the end of value. - * The ',' is used as list delimiter - * - * @param value CSV encoded input data - * @return normalized CSV encoded data or null if {value} is null or empty - */ - public static String normalizeCSVValueString(String value) { - String normalizedCodes = null; - if (MiscUtil.isNotEmpty(value)) { - String[] codes = value.split(CSV_DELIMITER); - for (String el: codes) { - if (normalizedCodes == null) - normalizedCodes = StringUtils.chomp(el.trim()); - else - normalizedCodes += "," + StringUtils.chomp(el.trim()); - - } - } - return normalizedCodes; - } - - - /** - * Check a String if it is a comma separated list of values - * - * This method uses the ',' as list delimiter. - * - * @param value CSV encoded input data - * @return true if the input data contains a ',' and has more then 1 list element, otherwise false - */ - public static boolean isCSVValueString(String value) { - if (MiscUtil.isNotEmpty(value)) { - String[] codes = value.split(CSV_DELIMITER); - if (codes.length >= 2) { - if (MiscUtil.isNotEmpty(codes[1].trim())) - return true; - - } - } - - return false; - } - - /** - * Convert a CSV list to a List of CSV values - * <br><br> - * This method removes all whitespace at the begin or the - * end of CSV values and remove newLine signs at the end of value. 
- * The ',' is used as list delimiter - * - * @param csv CSV encoded input data - * @return List of CSV normalized values, but never null - */ - public static List<String> getListOfCSVValues(String csv) { - List<String> list = new ArrayList<String>(); - if (MiscUtil.isNotEmpty(csv)) { - String[] values = csv.split(CSV_DELIMITER); - for (String el: values) - list.add(el.trim()); - - } - - return list; - } - - /** - * This method remove all newline delimiter (\n or \r\n) from input data - * - * @param value Input String - * @return Input String without newline characters - */ - public static String removeAllNewlineFromString(String value) { - return value.replaceAll("(\\t|\\r?\\n)+", ""); - - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java index 4d8a07a55..f4143e434 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java 
@@ -48,47 +48,46 @@ package at.gv.egovernment.moa.id.commons.utils; import java.util.Locale; +import org.springframework.stereotype.Service; + +import at.gv.egiz.eaaf.core.api.IStatusMessenger; +import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; +import at.gv.egovernment.moa.id.commons.api.exceptions.BKUException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MISSimpleClientException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.util.Messages; +import at.gv.egovernment.moa.util.MiscUtil; -/** - * A singleton wrapper around a <code>Message</code> object, providing the messages used in MOA-ID. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class MOAIDMessageProvider { + +@Service("MOAIDMessageProvider") +public class MOAIDMessageProvider implements IStatusMessenger { - /** DEFAULT_MESSAGE_RESOURCES are resources/properties/id_messages */ - private static final String[] DEFAULT_MESSAGE_RESOURCES = - { "resources/properties/id_messages" }; - /** DEFAULT_MESSAGE_LOCALES are "de", "AT" */ - private static final Locale[] DEFAULT_MESSAGE_LOCALES = - new Locale[] { new Locale("de", "AT") }; - /** The instance for our singleton */ - private static MOAIDMessageProvider instance; - /** The Messages */ + //internal messanges + private static final String[] DEFAULT_MESSAGE_RESOURCES = { "resources/properties/id_messages" }; + private static final Locale[] DEFAULT_MESSAGE_LOCALES = new Locale[] { new Locale("de", "AT") }; private Messages messages; - /** - * Returns the single instance of <code>MOAIDMessageProvider</code>. 
- * - * @return the single instance of <code>MOAIDMessageProvider</code> - */ + //external error codes + private static final String[] DEFAULT_EXTERNALERROR_RESOURCES = { "resources/properties/protocol_response_statuscodes" }; + private static final Locale[] DEFAULT_EXTERNALERROR_LOCALES = new Locale[] { new Locale("de", "AT") }; + private Messages externalError = null; + + + private static MOAIDMessageProvider instance = null; + public static MOAIDMessageProvider getInstance() { - if (instance == null) - instance = new MOAIDMessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); - return instance; - } + if (instance == null) + instance = new MOAIDMessageProvider(); + + return instance; + + } - /** - * Create a <code>MOAIDMessageProvider</code>. - * - * @param resourceNames The names of the resources containing the messages. - * @param locales The corresponding locales. - */ - protected MOAIDMessageProvider(String[] resourceNames, Locale[] locales) { - this.messages = new Messages(resourceNames, locales); - } + public MOAIDMessageProvider() { + this.messages = new Messages(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); + this.externalError = new Messages(DEFAULT_EXTERNALERROR_RESOURCES, DEFAULT_EXTERNALERROR_LOCALES); + + } /** * Get the message corresponding to a given message ID. 
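Review bot: `getInstance()` still does an unsynchronised check-then-create on the static `instance`, so two threads calling it first can each build a provider. Now that the constructor is public and the class carries `@Service("MOAIDMessageProvider")`, a container-created bean (if the class is component-scanned) and the statically created object can also exist side by side, each loading both resource bundles. Eager initialisation removes the race: `private static final MOAIDMessageProvider instance = new MOAIDMessageProvider();` with `getInstance()` simply returning it. The hunk deletes the class Javadoc without a replacement; a short one saying which access path callers should use would help. The comment `//internal messanges` should read `//internal messages`.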
@@ -97,8 +96,54 @@ public class MOAIDMessageProvider { * @param parameters The parameters to fill in into the message arguments. * @return The formatted message. */ + @Override public String getMessage(String messageId, Object[] parameters) { return messages.getMessage(messageId, parameters); } + +@Override +public String getResponseErrorCode(Throwable throwable) { + String errorCode = null; + + if (throwable instanceof BKUException) { + BKUException error = (BKUException) throwable; + errorCode = mapInternalErrorToExternalError(error.getMessageId()) + + error.getBkuErrorCode(); + + } else if (throwable instanceof MISSimpleClientException) { + MISSimpleClientException error = (MISSimpleClientException) throwable; + + if (MiscUtil.isNotEmpty(error.getMISErrorCode())) + errorCode = mapInternalErrorToExternalError(error.getMessageId()) + + error.getMISErrorCode(); + else + errorCode = mapInternalErrorToExternalError(error.getMessageId()); + + } else if (throwable instanceof MOAIDException) { + MOAIDException error = (MOAIDException) throwable; + errorCode = mapInternalErrorToExternalError(error.getMessageId()); + + } else if (throwable instanceof ProcessExecutionException) { + errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_PROCESSENGINE; + + } else { + errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; + + } + + return errorCode; +} + + +@Override +public String mapInternalErrorToExternalError(String intErrorCode) { + String extErrorCode = externalError.getMessage(intErrorCode, null); + + if (MiscUtil.isEmpty(extErrorCode)) + extErrorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; + + return extErrorCode; +} + } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java new file mode 100644 index 000000000..026b1a5fb --- /dev/null 
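Review bot: In `getResponseErrorCode` the `BKUException` branch appends `error.getBkuErrorCode()` unconditionally, while the `MISSimpleClientException` branch guards its suffix with `MiscUtil.isNotEmpty`. If the BKU code is a `String` that can be null (its declaration is not visible here), the external status code handed back ends in the literal text `null`. Mirroring the MIS branch keeps the code well-formed: `String bkuCode = error.getBkuErrorCode();` followed by `errorCode = mapInternalErrorToExternalError(error.getMessageId()) + (MiscUtil.isNotEmpty(bkuCode) ? bkuCode : "");`. Both new methods are added at column 0 and without Javadoc, unlike `getMessage` directly above them. A one-line description of the fallback to `CODES_EXTERNAL_ERROR_GENERIC` would document the contract.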
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java @@ -0,0 +1,62 @@ +package at.gv.egovernment.moa.id.commons.utils; + +import java.security.cert.X509Certificate; +import java.util.List; + +import javax.security.auth.x500.X500Principal; + +public class X509Utils { + + /** + * Sorts the Certificate Chain by IssuerDN and SubjectDN. The [0]-Element should be the Hostname, + * the last Element should be the Root Certificate. + * + * @param certs + * The first element must be the correct one. + * @return sorted Certificate Chain + */ + public static List<X509Certificate> sortCertificates( + List<X509Certificate> certs) + { + int length = certs.size(); + if (certs.size() <= 1) + { + return certs; + } + + for (X509Certificate cert : certs) + { + if (cert == null) + { + throw new NullPointerException(); + } + } + + for (int i = 0; i < length; i++) + { + boolean found = false; + X500Principal issuer = certs.get(i).getIssuerX500Principal(); + for (int j = i + 1; j < length; j++) + { + X500Principal subject = certs.get(j).getSubjectX500Principal(); + if (issuer.equals(subject)) + { + // sorting necessary? + if (i + 1 != j) + { + X509Certificate tmp = certs.get(i + 1); + certs.set(i + 1, certs.get(j)); + certs.set(j, tmp); + } + found = true; + } + } + if (!found) + { + break; + } + } + + return certs; + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java index abf2d211c..e6efca4ea 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java 
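Review bot: `sortCertificates` orders the list only by comparing issuer and subject `X500Principal` names. It checks no signature, validity period or revocation state, and when no matching subject is found the outer loop breaks and returns a partly ordered list, so the Javadoc should say the result is an ordering aid and not a validated chain. It also reorders the caller's list in place through `certs.set(...)` and returns that same instance, which fails on an unmodifiable list and is not mentioned. Proposed Javadoc additions: `Orders by name matching only; callers must still run path validation on the result.` and `The given list is modified and returned.` The bare `throw new NullPointerException();` would be easier to diagnose as `Objects.requireNonNull(cert, "certs must not contain null");`, which needs `java.util.Objects` imported.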
@@ -58,8 +58,8 @@ import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; +import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.KeyStoreUtils; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; import iaik.pki.DefaultPKIConfiguration; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/IPKIXValidator.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/IPKIXValidator.java new file mode 100644 index 000000000..ce32cbd0d --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/IPKIXValidator.java @@ -0,0 +1,6 @@ +package at.gv.egovernment.moa.id.commons.validation; + +public interface IPKIXValidator { + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/MOASPPKIXCertValidator.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/MOASPPKIXCertValidator.java new file mode 100644 index 000000000..fda567452 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/MOASPPKIXCertValidator.java @@ -0,0 +1,9 @@ +package at.gv.egovernment.moa.id.commons.validation; + +import org.springframework.stereotype.Service; + +@Service +public class MOASPPKIXCertValidator implements IPKIXValidator { + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/PKIXValidatorConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/PKIXValidatorConfiguration.java new file mode 100644 index 000000000..20235c4b6 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/PKIXValidatorConfiguration.java 
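Review bot: `MOASPPKIXCertValidator` is registered with `@Service` but has an empty body, and the `IPKIXValidator` interface it implements (added in the hunk before it) declares no methods. Nothing can be validated through either type as committed. Because both names suggest certificate path validation, I would mark them as placeholders in Javadoc, e.g. `/** Placeholder: no validation is implemented yet. */`, or hold back the `@Service` annotation until the interface has a contract.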
@@ -0,0 +1,21 @@ +package at.gv.egovernment.moa.id.commons.validation; + +public class PKIXValidatorConfiguration { + + public enum CHAININGMODE { + pkix, chaining + } + + public enum REVOCATIONCHECKMETHODES { + crl, ocsp + } + + private String trustStorePath = null; + private String certStorePath = null; + private boolean revocationChecking = true; + private REVOCATIONCHECKMETHODES[] revocationCheckMode = {REVOCATIONCHECKMETHODES.ocsp, REVOCATIONCHECKMETHODES.crl}; + private CHAININGMODE chaining = CHAININGMODE.pkix; + + + +} |
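Review bot: All five fields of `PKIXValidatorConfiguration` are private and the class declares no constructor, getter or setter, so no other class can read or change the defaults (`revocationChecking = true`, `ocsp` then `crl`, `CHAININGMODE.pkix`). Either add accessors or document the class as a stub. A comment on `revocationCheckMode` should say whether the array order is a preference order, which is only a guess from the initialiser. On style, the enums would conventionally be named `ChainingMode` and `RevocationCheckMethod` with upper-case constants, and `REVOCATIONCHECKMETHODES` misspells `METHODS`.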