diff options
Diffstat (limited to 'id/server/moa-id-commons/src/main/java/at')
3 files changed, 1808 insertions, 0 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java new file mode 100644 index 000000000..59c6687d5 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java @@ -0,0 +1,1638 @@ +/* +moaidconfigmoaidconfigmoaidconfig * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.config; + +import iaik.x509.X509Certificate; + +import java.io.IOException; +import java.math.BigInteger; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; +import at.gv.egovernment.moa.id.commons.db.dao.config.BPKDecryption; +import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +import at.gv.egovernment.moa.id.commons.db.dao.config.EncBPKInformation; +import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; +import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationGatewayType; +import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationIDPType; +import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; +import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; +import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TestCredentials; +import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; +import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; +import at.gv.egovernment.moa.id.commons.validation.TargetValidator; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ConfigurationMigrationUtils { + + public static final String MOA_CONFIG_BUSINESSSERVICE = "businessService"; + public static final String MOA_CONFIG_STORKSERVICE = "storkService"; + public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1"; + public static final String MOA_CONFIG_PROTOCOL_PVP2 = "id_pvp2x"; + public static final String MOA_CONFIG_PROTOCOL_STORK2 = "id_stork2"; + + public static final long DEFAULTTIMEOUTASSERTION = 120; //sec + public static final long DEFAULTTIMEOUTMOASESSIONCREATED = 1200; //sec + public static final long DEFAULTTIMEOUTMOASESSIONUPDATED = 2700; //sec + + /** + * Convert a MOA-ID 2.x OnlineApplication JaxB DAO to a 3.x key/value configuration + * The keys in the result only contains the OA specific suffix keys + * but no MOA-ID configuration prefix + * + * @param oa MOA-ID 2.x OnlineApplication configuration + * @return MOA-ID 3.x OnlineApplication configuration without prefix but never Null + */ + public static Map<String, String> convertHyberJaxBOnlineApplicationToKeyValue(OnlineApplication oa) { + Map<String, String> result = new HashMap<String, String>(); + if (oa != null) { + //convert oaID and friendlyname + result.put(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, oa.getFriendlyName()); + result.put(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, oa.getPublicURLPrefix()); + + //convert isActive flag + if (oa.isIsActive() != null) + result.put(MOAIDConfigurationConstants.SERVICE_ISACTIVE, oa.isIsActive().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_ISACTIVE, Boolean.FALSE.toString()); + + //convert oa type + if (oa.getType().equals(MOA_CONFIG_BUSINESSSERVICE)) + result.put(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, Boolean.TRUE.toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, Boolean.FALSE.toString()); + + + //convert target + String target_full = oa.getTarget(); + if (MiscUtil.isNotEmpty(target_full)) { + if (TargetValidator.isValidTarget(target_full)) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET, target_full); + + } else { + String[] target_split = target_full.split("-"); + + if (TargetValidator.isValidTarget(target_split[0])) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET, target_split[0]); + + if (target_split.length > 1) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB, target_split[1]); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB, Boolean.TRUE.toString()); + + } + + } else { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET, target_full); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN, Boolean.TRUE.toString()); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME, oa.getTargetFriendlyName()); + + } + } + } + + AuthComponentOA oaauth = oa.getAuthComponentOA(); + if (oaauth != null) { + + //convert business identifier + IdentificationNumber idnumber = oaauth.getIdentificationNumber(); + if (idnumber != null) { + String number = idnumber.getValue(); + if (MiscUtil.isNotEmpty(number)) { + String[] split = number.split("\\+"); + + if (MOAIDConfigurationConstants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, split[1]); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, split[2]); + + } else if (MOAIDConfigurationConstants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, split[2]); + } + } + } + + //concert BKU URLs + BKUURLS bkuurls = oaauth.getBKUURLS(); + if (bkuurls != null) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY, bkuurls.getHandyBKU()); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL, bkuurls.getLocalBKU()); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE, bkuurls.getOnlineBKU()); + + } + + //concert mandates + Mandates mandates = oaauth.getMandates(); + if (mandates != null) { + String mandateProfiles = null; + List<String> profileList = mandates.getProfileName(); + for (String el : profileList) { + if (mandateProfiles == null) + mandateProfiles = el; + else + mandateProfiles += "," + el; + } + + //only for RC1 + if (MiscUtil.isNotEmpty(mandates.getProfiles())) { + if (mandateProfiles == null) + mandateProfiles = mandates.getProfiles(); + + else + mandateProfiles += "," + mandates.getProfiles(); + + } + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES, mandateProfiles); + + if (mandateProfiles != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_USE, Boolean.TRUE.toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_USE, Boolean.FALSE.toString()); + } + + //convert securtiyLayer templates + TemplatesType templates = oaauth.getTemplates(); + if (templates != null) { + List<TemplateType> templatetype = templates.getTemplate(); + if (templatetype != null) { + if (templatetype.size() > 0) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE, templatetype.get(0).getURL()); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY, Boolean.TRUE.toString()); + + } else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY, Boolean.FALSE.toString()); + + if (templatetype.size() > 1) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE, templatetype.get(1).getURL()); + + if (templatetype.size() > 2) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE, templatetype.get(2).getURL()); + + } + } + + //convert test credentials + if (oaauth.getTestCredentials() != null) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED, String.valueOf(oaauth.getTestCredentials().isEnableTestCredentials())); + + if (oaauth.getTestCredentials().getCredentialOID() != null) { + String oids = null; + for (String el : oaauth.getTestCredentials().getCredentialOID()) { + if (oids == null) + oids = el; + else + oids += "," + oids; + + } + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs, oids); + } + } + + //convert foreign bPK + try { + EncBPKInformation bPKEncDec = oaauth.getEncBPKInformation(); + if (bPKEncDec != null) { + BPKDecryption bPKDec = bPKEncDec.getBPKDecryption(); + if (bPKDec != null) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_BLOB, Base64Utils.encode(bPKDec.getKeyInformation())); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_IV, Base64Utils.encode(bPKDec.getIv())); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_KEYALIAS, bPKDec.getKeyAlias()); + if (bPKDec.getKeyStoreFileName() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_FILENAME, bPKDec.getKeyStoreFileName()); + + } + } + } catch (Exception e) { + Logger.warn("Foreign bPK decryption information can not converted.", e); + } + + //convert SSO + OASSO ssoconfig = oaauth.getOASSO(); + if(ssoconfig != null) { + if (ssoconfig.isUseSSO() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_ENABLED, ssoconfig.isUseSSO().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_ENABLED, Boolean.FALSE.toString()); + + if (ssoconfig.isAuthDataFrame() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST, ssoconfig.isAuthDataFrame().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST, Boolean.TRUE.toString()); + } + + //convert STORK config + OASTORK config = oaauth.getOASTORK(); + if(config != null) { + if (config.isStorkLogonEnabled() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ENABLED, config.isStorkLogonEnabled().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ENABLED, Boolean.FALSE.toString()); + + if (config.getQaa() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, config.getQaa().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, "4"); + + if (config.getCPEPS() != null) { + for (int i=0; i<config.getCPEPS().size(); i++) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED, + Boolean.TRUE.toString()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE, + config.getCPEPS().get(i).getCountryCode()); + + } + } + + if (config.getOAAttributes() != null) { + for (int i=0; i<config.getOAAttributes().size(); i++) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME, + config.getOAAttributes().get(i).getName()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED, + Boolean.TRUE.toString()); + + + if (config.getOAAttributes().get(i).isMandatory() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, + config.getOAAttributes().get(i).isMandatory().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, + Boolean.FALSE.toString()); + } + } + + // fetch vidp config + if (config.isRequireConsent() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT, + config.isRequireConsent().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT, + Boolean.FALSE.toString()); + + List<AttributeProviderPlugin> attributeProviderPlugins = config.getAttributeProviders(); + if (attributeProviderPlugins != null) { + for(int i=0; i<attributeProviderPlugins.size(); i++) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME, + attributeProviderPlugins.get(i).getName()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL, + attributeProviderPlugins.get(i).getUrl()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES, + attributeProviderPlugins.get(i).getAttributes()); + + result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_VIDP); + + } + } + } + + //convert protocols SAML1 + OASAML1 saml1 = oaauth.getOASAML1(); + if (saml1 != null) { + if (saml1.isProvideAUTHBlock() != null) + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK, + saml1.isProvideAUTHBlock().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK, + Boolean.FALSE.toString()); + + if (saml1.isProvideCertificate() != null) + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE, + saml1.isProvideCertificate().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE, + Boolean.FALSE.toString()); + + if (saml1.isProvideFullMandatorData() != null) + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE, + saml1.isProvideFullMandatorData().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE, + Boolean.FALSE.toString()); + + if (saml1.isProvideIdentityLink() != null) + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL, + saml1.isProvideIdentityLink().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL, + Boolean.FALSE.toString()); + + if (saml1.isProvideStammzahl() != null) + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID, + saml1.isProvideStammzahl().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID, + Boolean.FALSE.toString()); + + if (saml1.isProvideAllErrors() != null) + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR, + saml1.isProvideAllErrors().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR, + Boolean.TRUE.toString()); + + if (saml1.isIsActive() != null) + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED, + saml1.isIsActive().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED, + Boolean.FALSE.toString()); + } + + //convert protocols PVP2X + OAPVP2 pvp2 = oaauth.getOAPVP2(); + if (pvp2 != null) { + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + pvp2.getMetadataURL()); + + try { + byte[] cert = pvp2.getCertificate(); + + if (MiscUtil.isNotEmpty(cert)) { + X509Certificate x509 = new X509Certificate(cert); + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE, + Base64Utils.encode(cert)); + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT, + x509.getSubjectDN().getName()); + } + } catch (CertificateException | IOException e) { + Logger.warn("PVP2 certificate can not be loaded from Online-Applikation"); + } + } + + //convert protocol OpenID Connect + OAOAUTH20 openID = oaauth.getOAOAUTH20(); + if (openID != null) { + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET, + openID.getOAuthClientSecret()); + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID, + openID.getOAuthClientId()); + result.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL, + openID.getOAuthRedirectUri()); + } + + + //convert BKU selection form customization + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK, + String.valueOf(oa.isRemoveBPKFromAuthBlock())); + + if (templates != null) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT, + templates.getAditionalAuthBlockText()); + + TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate(); + if (bkuSelectTemplate != null && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename())) { + try { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION, + Base64Utils.encode(bkuSelectTemplate.getTransformation())); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME, + bkuSelectTemplate.getFilename()); + + } catch (Exception e) { + Logger.warn("BKU selection templated can not converted.", e); + + } + + + } + + TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate(); + if (sendAssertionTemplate != null && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename())) { + try { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION, + Base64Utils.encode(sendAssertionTemplate.getTransformation())); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME, + sendAssertionTemplate.getFilename()); + + } catch (Exception e) { + Logger.warn("Send assertion templated can not converted.", e); + + } + } + + BKUSelectionCustomizationType formcustom = templates.getBKUSelectionCustomization(); + if (formcustom != null) { + + if (formcustom.isOnlyMandateLoginAllowed() != null) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_ONLY, + formcustom.isOnlyMandateLoginAllowed().toString()); + } else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_ONLY, + Boolean.FALSE.toString()); + + if (formcustom.getAppletHeight() != null) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT, + formcustom.getAppletHeight()); + } + + if (formcustom.getAppletWidth() != null) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH, + formcustom.getAppletWidth()); + } + + if (MiscUtil.isNotEmpty(formcustom.getAppletRedirectTarget())) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET, + formcustom.getAppletRedirectTarget()); + + if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR, + formcustom.getBackGroundColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR, + formcustom.getButtonBackGroundColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS, + formcustom.getButtonBackGroundColorFocus()); + } + + if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR, + formcustom.getButtonFontColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getFontType())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE, + formcustom.getFontType()); + } + + if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR, + formcustom.getFrontColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR, + formcustom.getHeaderBackGroundColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR, + formcustom.getHeaderFrontColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT, + formcustom.getHeaderText()); + } + } + } + } + + //convert interfederation configuration + InterfederationIDPType moaIDP = oa.getInterfederationIDP(); + if (moaIDP != null) { + result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_IIDP); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL, + moaIDP.getAttributeQueryURL()); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND, + String.valueOf(moaIDP.isInboundSSO())); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND, + String.valueOf(moaIDP.isOutboundSSO())); + + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE, + String.valueOf(moaIDP.isStoreSSOSession())); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR, + String.valueOf(moaIDP.isPerformLocalAuthenticationOnError())); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST, + String.valueOf(moaIDP.isPerformPassivRequest())); + } + + //convert STORK <-> PVP2X gateway configuration + InterfederationGatewayType gateway = oa.getInterfederationGateway(); + if (gateway != null) { + result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_GATEWAY); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, + gateway.getForwardIDPIdentifier()); + + } + + //set onlineapplication identifier if nothing is set + if (!result.containsKey(MOAIDConfigurationConstants.PREFIX_SERVICES)) + result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_OA); + } + + return result; + } + + /** + * Convert a MOA-ID 3.x key/value OnlineApplication to a 2.x JaxB DAO + * + * @param oa MOA-ID 3.x key/value OnlineApplication configuration. The MOA-ID specific prefix must be removed + * @return MOA-ID 2.x {OnlineApplication} or Null if oa contains no OnlineApplication keys + */ + public static OnlineApplication convertKeyValueToHyberJaxBOnlineApplication(Map<String, String> oa) { + OnlineApplication dbOA = new OnlineApplication(); + + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } + + dbOA.setIsActive(Boolean.valueOf(oa.get(MOAIDConfigurationConstants.SERVICE_ISACTIVE))); + dbOA.setPublicURLPrefix(oa.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER)); + dbOA.setFriendlyName(oa.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME)); + + if (Boolean.valueOf(oa.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE))) { + dbOA.setType(MOA_CONFIG_BUSINESSSERVICE); + + IdentificationNumber idnumber = authoa.getIdentificationNumber(); + if (idnumber == null) + idnumber = new IdentificationNumber(); + + if (oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE).equals(MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK)) { + idnumber.setValue(MOAIDConfigurationConstants.PREFIX_STORK + "AT" + "+" + oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE)); + idnumber.setType(MOAIDConfigurationConstants.BUSINESSSERVICENAMES.get(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE))); + } else { + idnumber.setValue(MOAIDConfigurationConstants.PREFIX_WPBK + oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE) + "+" + oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE)); + idnumber.setType(MOAIDConfigurationConstants.BUSINESSSERVICENAMES.get(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE))); + } + + authoa.setIdentificationNumber(idnumber); + + } else { + dbOA.setType(null); + + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET)) + && Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN))) { + dbOA.setTarget(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET)); + dbOA.setTargetFriendlyName(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME)); + + } else { + + String target = oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET); + + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB)) + && Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB))) + dbOA.setTarget(target + "-" + oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB)); + else + dbOA.setTarget(target); + + String targetname = TargetValidator.getTargetFriendlyName(target); + if (MiscUtil.isNotEmpty(targetname)) + dbOA.setTargetFriendlyName(targetname); + } + } + + //store BKU-URLs + BKUURLS bkuruls = new BKUURLS(); + authoa.setBKUURLS(bkuruls); + bkuruls.setHandyBKU(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY)); + bkuruls.setLocalBKU(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL)); + bkuruls.setOnlineBKU(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE)); + + //store SecurtiyLayerTemplates + TemplatesType templates = authoa.getTemplates(); + if (templates == null) { + templates = new TemplatesType(); + authoa.setTemplates(templates); + } + List<TemplateType> template = templates.getTemplate(); + if (Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY))) { + + if (template == null) + template = new ArrayList<TemplateType>(); + else + template.clear(); + + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE))) { + TemplateType el = new TemplateType(); + el.setURL(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE)); + template.add(el); + } else + template.add(new TemplateType()); + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE))) { + TemplateType el = new TemplateType(); + el.setURL(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE)); + template.add(el); + } else + template.add(new TemplateType()); + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE))) { + TemplateType el = new TemplateType(); + el.setURL(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE)); + template.add(el); + } else + template.add(new TemplateType()); + + } else { + if (template != null && template.size() > 0) template.clear(); + } + + + //store keyBox Identifier + dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_KEYBOXIDENTIFIER))); + + Mandates mandates = new Mandates(); + if (Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_USE))) { + + if (oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES) != null) { + String[] profileList = oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES).split(","); + + List<String> dbProfiles = mandates.getProfileName(); + if (dbProfiles == null) { + dbProfiles = new ArrayList<String>(); + mandates.setProfileName(dbProfiles); + + } + + for (String el: profileList) + dbProfiles.add(el.trim()); + + mandates.setProfiles(null); + } + + } else { + mandates.setProfiles(null); + mandates.getProfileName().clear(); + } + authoa.setMandates(mandates); + + if (Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED))) { + TestCredentials testing = authoa.getTestCredentials(); + testing = new TestCredentials(); + authoa.setTestCredentials(testing); + testing.setEnableTestCredentials(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED))); + + if (oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs) != null) { + String[] profileList = oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs).split(","); + List<String> testCredentialOIDs = Arrays.asList(profileList); + testing.setCredentialOID(testCredentialOIDs); + } + + } else { + TestCredentials testing = authoa.getTestCredentials(); + if (testing != null) { + testing.setEnableTestCredentials(false); + } + + } + + + EncBPKInformation bPKEncDec = authoa.getEncBPKInformation(); + if (bPKEncDec == null) { + bPKEncDec = new EncBPKInformation(); + authoa.setEncBPKInformation(bPKEncDec); + + } + + BPKDecryption bPKDec = bPKEncDec.getBPKDecryption(); + if (bPKDec == null) { + bPKDec = new BPKDecryption(); + bPKEncDec.setBPKDecryption(bPKDec); + } + + bPKDec.setKeyStoreFileName(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_FILENAME)); + bPKDec.setKeyAlias(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_KEYALIAS)); + + try { + bPKDec.setIv(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_IV), false)); + bPKDec.setKeyInformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_BLOB), false)); + + } catch (IOException e) { + Logger.error("Configuration encryption FAILED.", e); + + } + + OASSO sso = authoa.getOASSO(); + if (sso == null) { + sso = new OASSO(); + authoa.setOASSO(sso); + sso.setAuthDataFrame(true); + } + sso.setUseSSO(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_ENABLED))); + sso.setAuthDataFrame(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST))); + + OASTORK stork = authoa.getOASTORK(); + if (stork == null) { + // if there is none, create a new one with default values. + stork = new OASTORK(); + authoa.setOASTORK(stork); + stork.setStorkLogonEnabled(false); + } + // transfer the incoming data to the database model + stork.setStorkLogonEnabled(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ENABLED))); + stork.setQaa(Integer.valueOf(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL))); + + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.PREFIX_SERVICES)) + && oa.get(MOAIDConfigurationConstants.PREFIX_SERVICES).equals(MOAIDConfigurationConstants.PREFIX_VIDP)) + stork.setVidpEnabled(true); + + stork.setRequireConsent(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT))); + + Map<String, AttributeProviderPlugin> pluginMap = new HashMap<String, AttributeProviderPlugin>(); + Map<String, OAStorkAttribute> attrMap = new HashMap<String, OAStorkAttribute>(); + Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>(); + + for (String el : oa.keySet()) { + if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST)) { + String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST); + OAStorkAttribute attr = new OAStorkAttribute(); + attr.setName(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME)); + + attr.setMandatory(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY))); + + if (Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED))) + attrMap.put(index, attr); + + + } else if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST)) { + String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST); + AttributeProviderPlugin attr = new AttributeProviderPlugin(); + attr.setName(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME)); + attr.setUrl(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL)); + attr.setAttributes(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES)); + pluginMap.put(index, attr); + + + } else if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST)) { + String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST); + CPEPS attr = new CPEPS(); + attr.setCountryCode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE)); + + if (Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED))) + cpepsMap.put(index, attr); + + } + } + + stork.setAttributeProviders(new ArrayList<AttributeProviderPlugin>(pluginMap.values())); + stork.setOAAttributes(new ArrayList<OAStorkAttribute>(attrMap.values())); + stork.setCPEPS(new ArrayList<CPEPS>(cpepsMap.values())); + + OASAML1 saml1 = authoa.getOASAML1(); + if (saml1 == null) { + saml1 = new OASAML1(); + authoa.setOASAML1(saml1); + saml1.setIsActive(false); + } + saml1.setIsActive(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED))); + saml1.setProvideAUTHBlock(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK))); + saml1.setProvideCertificate(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE))); + saml1.setProvideFullMandatorData(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE))); + saml1.setProvideIdentityLink(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL))); + saml1.setProvideStammzahl(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID))); + saml1.setUseCondition(false); + saml1.setProvideAllErrors(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR))); + saml1.setConditionLength(BigInteger.valueOf(-1)); + + OAPVP2 pvp2 = authoa.getOAPVP2(); + if (pvp2 == null) { + pvp2 = new OAPVP2(); + authoa.setOAPVP2(pvp2); + } + + try { + pvp2.setCertificate(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE), false)); + + } catch (IOException e) { + Logger.warn("Uploaded Certificate can not be parsed", e); + + } + + pvp2.setMetadataURL(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL)); + + OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20(); + if (oaOAuth20 == null) { + oaOAuth20 = new OAOAUTH20(); + authoa.setOAOAUTH20(oaOAuth20); + } + oaOAuth20.setOAuthClientId(dbOA.getPublicURLPrefix()); + oaOAuth20.setOAuthRedirectUri(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL)); + oaOAuth20.setOAuthClientSecret(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET)); + + + + dbOA.setRemoveBPKFromAuthBlock(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK))); + templates.setAditionalAuthBlockText(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT)); + + //store BKU-selection and send-assertion templates + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION))) { + TransformsInfoType el1 = new TransformsInfoType(); + try { + el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION), false)); + el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME)); + templates.setBKUSelectionTemplate(el1); + + } catch (IOException e) { + Logger.warn("Converting BKU selection template FAILED.", e); + } + } + + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION))) { + TransformsInfoType el1 = new TransformsInfoType(); + try { + el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION), false)); + el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME)); + templates.setSendAssertionTemplate(el1); + + } catch (IOException e) { + Logger.warn("Converting Send Assertion template FAILED.", e); + } + } + + BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization(); + if (bkuselectioncustom == null) { + bkuselectioncustom = new BKUSelectionCustomizationType(); + templates.setBKUSelectionCustomization(bkuselectioncustom); + } + + + bkuselectioncustom.setMandateLoginButton(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_USE))); + bkuselectioncustom.setOnlyMandateLoginAllowed(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_ONLY))); + + bkuselectioncustom.setBackGroundColor(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR)); + bkuselectioncustom.setFrontColor(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR)); + + bkuselectioncustom.setHeaderBackGroundColor(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR)); + bkuselectioncustom.setHeaderFrontColor(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR)); + bkuselectioncustom.setHeaderText(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT)); + + bkuselectioncustom.setButtonBackGroundColor(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR)); + bkuselectioncustom.setButtonBackGroundColorFocus(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS)); + bkuselectioncustom.setButtonFontColor(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR)); + + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET))) + bkuselectioncustom.setAppletRedirectTarget(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET)); + + bkuselectioncustom.setFontType(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE)); + + bkuselectioncustom.setAppletHeight(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT)); + bkuselectioncustom.setAppletWidth(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH)); + + + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.PREFIX_SERVICES)) + && oa.get(MOAIDConfigurationConstants.PREFIX_SERVICES).equals(MOAIDConfigurationConstants.PREFIX_IIDP)) + dbOA.setIsInterfederationIDP(true); + + InterfederationIDPType moaIDP = dbOA.getInterfederationIDP(); + if (moaIDP == null) { + moaIDP = new InterfederationIDPType(); + dbOA.setInterfederationIDP(moaIDP); + } + + moaIDP.setAttributeQueryURL(oa.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL)); + moaIDP.setInboundSSO(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND))); + moaIDP.setOutboundSSO(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND))); + moaIDP.setStoreSSOSession(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE))); + moaIDP.setPerformLocalAuthenticationOnError(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR))); + moaIDP.setPerformPassivRequest(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST))); + + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.PREFIX_SERVICES)) + && oa.get(MOAIDConfigurationConstants.PREFIX_SERVICES).equals(MOAIDConfigurationConstants.PREFIX_GATEWAY)) + dbOA.setIsInterfederationGateway(true); + InterfederationGatewayType gateway = dbOA.getInterfederationGateway(); + if (gateway == null) { + gateway = new InterfederationGatewayType(); + dbOA.setInterfederationGateway(gateway); + } + gateway.setForwardIDPIdentifier(oa.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER)); + + + return dbOA; + } + + + /** + * Convert a MOA-ID 2.x MOAIDConfiguration JaxB DAO to a 3.x key/value configuration + * + * @param config MOA-ID 2.x configuration + * @return MOA-ID 3.x key/value configuration but never null + */ + public static Map<String, String> convertHyberJaxBMOAIDConfigToKeyValue(MOAIDConfiguration config) { + Map<String, String> result = new HashMap<String, String>(); + if (config != null) { + AuthComponentGeneral auth = config.getAuthComponentGeneral(); + + if (auth != null) { + ForeignIdentities foreign = auth.getForeignIdentities(); + + if (foreign != null) { + ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter(); + if (connect_foreign != null) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL, + connect_foreign.getURL()); + } + } + + GeneralConfiguration authgen = auth.getGeneralConfiguration(); + if (authgen != null) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, + authgen.getCertStoreDirectory()); + + if (authgen.isTrustManagerRevocationChecking() != null) + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_REVOCATIONCHECKING, + authgen.isTrustManagerRevocationChecking().toString()); + else + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_REVOCATIONCHECKING, + Boolean.TRUE.toString()); + + result.put(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, + authgen.getPublicURLPreFix()); + + TimeOuts timeouts = authgen.getTimeOuts(); + if (timeouts != null) { + + if(timeouts.getAssertion() != null) + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUTS_TRANSACTION, + String.valueOf(timeouts.getAssertion().longValue())); + if(timeouts.getMOASessionCreated() != null) + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_CREATE, + String.valueOf(timeouts.getMOASessionCreated().longValue())); + if(timeouts.getMOASessionUpdated() != null) + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_UPDATE, + String.valueOf(timeouts.getMOASessionUpdated().longValue())); + + } + } + + MOASP moaspss = auth.getMOASP(); + if (moaspss != null) { + ConnectionParameterClientAuthType con = moaspss.getConnectionParameter(); + if (con != null) + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_URL, + con.getURL()); + + VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock(); + if (authblock != null) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD, + authblock.getTrustProfileID()); + + List<String> list = authblock.getVerifyTransformsInfoProfileID(); + if (list.size() == 1) + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM, + list.get(0)); + + else { + Logger.warn("More the one AuthBlocktransformation are not supported any more."); + } + } + + VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); + if (idl != null) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD, + idl.getTrustProfileID()); + } + } + + OnlineMandates mandates = auth.getOnlineMandates(); + if (mandates != null) { + ConnectionParameterClientAuthType con = mandates.getConnectionParameter(); + if (con != null) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL, + con.getURL()); + } + } + + Protocols protocols = auth.getProtocols(); + if (protocols != null) { + LegacyAllowed legacy = protocols.getLegacyAllowed(); + + if (legacy != null) { + List<String> list = legacy.getProtocolName(); + if (list.contains(MOA_CONFIG_PROTOCOL_SAML1)) + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_LEGACY, + Boolean.TRUE.toString()); + + if (list.contains(MOA_CONFIG_PROTOCOL_PVP2)) + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_LEGACY, + Boolean.TRUE.toString()); + } + + SAML1 saml1 = protocols.getSAML1(); + if (saml1 != null) { + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_ENABLED, + String.valueOf(saml1.isIsActive())); + + if (MiscUtil.isEmpty(saml1.getSourceID()) && MiscUtil.isNotEmpty(authgen.getAlternativeSourceID())) + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, + authgen.getAlternativeSourceID()); + else + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, + saml1.getSourceID()); + + } + + OAuth oauth = protocols.getOAuth(); + if (oauth != null) { + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_ENABLED, + String.valueOf(oauth.isIsActive())); + + } + + PVP2 pvp2 = protocols.getPVP2(); + if (pvp2 != null) { + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_ENABLED, + String.valueOf(pvp2.isIsActive())); + + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME, + pvp2.getIssuerName()); + + List<Contact> con = pvp2.getContact(); + + if (con != null && con.size() > 0) { + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY, + con.get(0).getCompany()); + + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME, + con.get(0).getSurName()); + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME, + con.get(0).getGivenName()); + if (!con.get(0).getMail().isEmpty()) + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_MAIL, + con.get(0).getMail().get(0)); + if (!con.get(0).getPhone().isEmpty()) + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_PHONE, + con.get(0).getPhone().get(0)); + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE, + con.get(0).getType()); + } + + Organization org = pvp2.getOrganization(); + if (org != null) { + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME, + org.getDisplayName()); + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME, + org.getName()); + result.put(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_URL, + org.getURL()); + } + } + } + + SecurityLayer seclayer = auth.getSecurityLayer(); + if (seclayer != null) { + List<TransformsInfoType> list = seclayer.getTransformsInfo(); + if (!list.isEmpty()) { + try { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, + Base64Utils.encode(list.get(0).getTransformation())); + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_NAME, + list.get(0).getFilename()); + + } catch (IOException e) { + Logger.warn("AuthBlockTransformation can not converted.", e); + + } + + } else { + Logger.warn("AuthBlockTransformation can not converted."); + + } + } + + SSO sso = auth.getSSO(); + if (sso != null) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME, + sso.getFriendlyName()); + + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT, + sso.getSpecialText()); + + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, + sso.getTarget()); + } + } + + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL, + config.getTrustedCACertificates()); + + + DefaultBKUs defaultbkus = config.getDefaultBKUs(); + if (defaultbkus != null) { + result.put(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY, + defaultbkus.getHandyBKU()); + result.put(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL, + defaultbkus.getLocalBKU()); + result.put(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE, + defaultbkus.getOnlineBKU()); + } + + SLRequestTemplates slreq = config.getSLRequestTemplates(); + if (slreq != null) { + result.put(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY, + slreq.getHandyBKU()); + result.put(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL, + slreq.getLocalBKU()); + result.put(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE, + slreq.getOnlineBKU()); + + } + + ForeignIdentities foreign = auth.getForeignIdentities(); + + if (foreign != null) { + STORK stork = foreign.getSTORK(); + + if (stork != null) { + // deep clone all the things + // to foreclose lazyloading session timeouts + if (stork.getCPEPS() != null) { + for (int i=0; i<stork.getCPEPS().size(); i++) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY, + stork.getCPEPS().get(i).getCountryCode()); + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, + stork.getCPEPS().get(i).getURL()); + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG, + String.valueOf(stork.getCPEPS().get(i).isSupportsXMLSignature())); + + } + } + + List<StorkAttribute> tmp = stork.getAttributes(); + if(null != tmp) { + for (int i=0; i<tmp.size(); i++) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME, + tmp.get(i).getName()); + + if (tmp.get(i).isMandatory() != null) + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, + tmp.get(i).isMandatory().toString()); + else + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, + Boolean.FALSE.toString()); + + } + } + + try { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, + String.valueOf(stork.getQualityAuthenticationAssuranceLevel())); + + } catch(NullPointerException e) { + result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, + String.valueOf(4)); + } + } + + } + + } + + return result; + } + + /** + * Convert a MOA-ID 3.x key/value general configuration to a 2.x JaxB DAO + * + * @param moaconfig MOA-ID 3.x key/value general configuration + * @return MOA-ID 2.x {MOAIDConfiguration} or Null if moaconfig contains no MOA-ID configuration keys + */ + public static MOAIDConfiguration convertKeyValueToHyberJaxBMOAIDConfiguration(Map<String, String> moaconfig) { + + MOAIDConfiguration dbconfig = new MOAIDConfiguration(); + + + AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral(); + if (dbauth == null) { + dbauth = new AuthComponentGeneral(); + dbconfig.setAuthComponentGeneral(dbauth); + } + + GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration(); + if (dbauthgeneral == null) { + dbauthgeneral = new GeneralConfiguration(); + dbauth.setGeneralConfiguration(dbauthgeneral); + } + + dbauthgeneral.setPublicURLPreFix(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX)); + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL))) + dbauthgeneral.setCertStoreDirectory(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL)); + + dbauthgeneral.setTrustManagerRevocationChecking(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_REVOCATIONCHECKING))); + + TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts(); + if (dbtimeouts == null) { + dbtimeouts = new TimeOuts(); + dbauthgeneral.setTimeOuts(dbtimeouts); + } + + dbtimeouts.setAssertion(new BigInteger(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUTS_TRANSACTION))); + dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_CREATE))); + dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_UPDATE))); + + Protocols dbprotocols = dbauth.getProtocols(); + if (dbprotocols == null) { + dbprotocols = new Protocols(); + dbauth.setProtocols(dbprotocols); + } + LegacyAllowed legprot = dbprotocols.getLegacyAllowed(); + if (legprot == null) { + legprot = new LegacyAllowed(); + dbprotocols.setLegacyAllowed(legprot); + } + + List<String> el = legprot.getProtocolName(); + if (el == null) { + el = new ArrayList<String>(); + legprot.setProtocolName(el); + + } + + //Workaround for DB cleaning is only needed for one or the releases (insert in 2.1.1) + if (el.size() > 2) + el.clear(); + + if (el.contains(MOA_CONFIG_PROTOCOL_PVP2)) { + if (!Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_LEGACY))) + el.remove(MOA_CONFIG_PROTOCOL_PVP2); + + } else { + if (Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_LEGACY))) + el.add(MOA_CONFIG_PROTOCOL_PVP2); + } + + if (el.contains(MOA_CONFIG_PROTOCOL_SAML1)) { + if (!Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_LEGACY))) + el.remove(MOA_CONFIG_PROTOCOL_SAML1); + + } else { + if (Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_LEGACY))) + el.add(MOA_CONFIG_PROTOCOL_SAML1); + } + + SAML1 saml1= dbprotocols.getSAML1(); + if (saml1 == null) { + saml1 = new SAML1(); + dbprotocols.setSAML1(saml1); + } + saml1.setIsActive(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_ENABLED))); + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID))) { + saml1.setSourceID(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID)); + } + + OAuth oauth= dbprotocols.getOAuth(); + if (oauth == null) { + oauth = new OAuth(); + dbprotocols.setOAuth(oauth); + } + oauth.setIsActive(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_ENABLED))); + + PVP2 pvp2 = dbprotocols.getPVP2(); + if (pvp2 == null) { + pvp2 = new PVP2(); + dbprotocols.setPVP2(pvp2); + } + + pvp2.setIsActive(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_ENABLED))); + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME))) + pvp2.setIssuerName(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME)); + + Organization pvp2org = pvp2.getOrganization(); + if (pvp2org == null) { + pvp2org = new Organization(); + pvp2.setOrganization(pvp2org); + } + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME))) + pvp2org.setDisplayName(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME)); + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME))) + pvp2org.setName(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME)); + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_URL))) + pvp2org.setURL(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_URL)); + + List<Contact> pvp2cont = pvp2.getContact(); + if (pvp2cont == null) { + pvp2cont = new ArrayList<Contact>(); + pvp2.setContact(pvp2cont); + } + + if (pvp2cont.size() == 0) { + Contact cont = new Contact(); + pvp2cont.add(cont); + } + + Contact cont = pvp2cont.get(0); + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY))) + cont.setCompany(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY)); + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME))) + cont.setGivenName(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME)); + + cont.setMail(Arrays.asList(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_MAIL))); + + cont.setPhone(Arrays.asList(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_PHONE))); + + cont.setSurName(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME)); + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE))) + cont.setType(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE)); + + SSO dbsso = dbauth.getSSO(); + if (dbsso == null) { + dbsso = new SSO(); + dbauth.setSSO(dbsso); + } + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME))) + dbsso.setFriendlyName(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME)); + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT))) + dbsso.setSpecialText(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT)); + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET))) { + dbsso.setTarget(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET)); + } + + DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); + + if (dbbkus == null) { + dbbkus = new DefaultBKUs(); + dbconfig.setDefaultBKUs(dbbkus); + } + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY))) + dbbkus.setHandyBKU(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY)); + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE))) + dbbkus.setOnlineBKU(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE)); + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL))) + dbbkus.setLocalBKU(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL)); + + ChainingModes dbchainingmodes = dbconfig.getChainingModes(); + if (dbchainingmodes == null) { + dbchainingmodes = new ChainingModes(); + dbconfig.setChainingModes(dbchainingmodes); + } + + dbchainingmodes.setSystemDefaultMode( + ChainingModeType.PKIX); + + IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); + if (idlsigners == null) { + idlsigners = new IdentityLinkSigners(); + dbauth.setIdentityLinkSigners(idlsigners); + } + + ForeignIdentities dbforeign = dbauth.getForeignIdentities(); + if (dbforeign == null) { + dbforeign = new ForeignIdentities(); + dbauth.setForeignIdentities(dbforeign); + } + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL))) { + ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); + if (forcon == null) { + forcon = new ConnectionParameterClientAuthType(); + dbforeign.setConnectionParameter(forcon); + } + forcon.setURL(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL)); + } + + ForeignIdentities foreign = dbauth.getForeignIdentities(); + if (foreign != null) { + STORK stork = foreign.getSTORK(); + if (stork == null) { + stork = new STORK(); + foreign.setSTORK(stork); + + } + + Map<String, StorkAttribute> attrMap = new HashMap<String, StorkAttribute>(); + Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>(); + + for (String key : moaconfig.keySet()) { + if (key.startsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST)) { + String index = KeyValueUtils.getFirstChildAfterPrefix(key, MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST); + StorkAttribute attr = new StorkAttribute(); + attr.setName(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME)); + attr.setMandatory(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY))); + attrMap.put(index, attr); + + } else if (key.startsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST)) { + String index = KeyValueUtils.getFirstChildAfterPrefix(key, MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST); + CPEPS attr = new CPEPS(); + attr.setCountryCode(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + index + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY)); + + attr.setURL(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + index + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL)); + + attr.setSupportsXMLSignature(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + index + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG))); + + cpepsMap.put(index, attr); + + } + } + + stork.setAttributes(new ArrayList<StorkAttribute>(attrMap.values())); + stork.setCPEPS(new ArrayList<CPEPS>(cpepsMap.values())); + + } + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL))) { + OnlineMandates dbmandate = dbauth.getOnlineMandates(); + if (dbmandate == null) { + dbmandate = new OnlineMandates(); + dbauth.setOnlineMandates(dbmandate); + } + ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); + + if (dbmandateconnection == null) { + dbmandateconnection = new ConnectionParameterClientAuthType(); + dbmandate.setConnectionParameter(dbmandateconnection); + } + dbmandateconnection.setURL(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL)); + } + + MOASP dbmoasp = dbauth.getMOASP(); + if (dbmoasp == null) { + dbmoasp = new MOASP(); + dbauth.setMOASP(dbmoasp); + } + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_URL))) { + ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); + if (moaspcon == null) { + moaspcon = new ConnectionParameterClientAuthType(); + dbmoasp.setConnectionParameter(moaspcon); + } + moaspcon.setURL(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_URL)); + } + VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); + if (moaidl == null) { + moaidl = new VerifyIdentityLink(); + dbmoasp.setVerifyIdentityLink(moaidl); + } + moaidl.setTrustProfileID(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD)); + VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); + if (moaauth == null) { + moaauth = new VerifyAuthBlock(); + dbmoasp.setVerifyAuthBlock(moaauth); + } + moaauth.setTrustProfileID(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD)); + + if (moaauth.getVerifyTransformsInfoProfileID() == null) { + moaauth.setVerifyTransformsInfoProfileID(new ArrayList<String>()); + + } + moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM)); + + SecurityLayer seclayertrans = dbauth.getSecurityLayer(); + if (seclayertrans == null) { + seclayertrans = new SecurityLayer(); + dbauth.setSecurityLayer(seclayertrans); + } + + try { + List<TransformsInfoType> trans = new ArrayList<TransformsInfoType>(); + TransformsInfoType elem = new TransformsInfoType(); + elem.setTransformation(Base64Utils.decode(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64), false)); + elem.setFilename(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_NAME)); + trans.add(elem); + seclayertrans.setTransformsInfo(trans); + + } catch (IOException e) { + Logger.warn("Converting AuthBlock transformation FAILED.", e); + } + + + SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); + if (slrequesttempl == null) { + slrequesttempl = new SLRequestTemplates(); + dbconfig.setSLRequestTemplates(slrequesttempl); + } + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY))) + slrequesttempl.setHandyBKU(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY)); + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL))) + slrequesttempl.setLocalBKU(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL)); + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE))) + slrequesttempl.setOnlineBKU(moaconfig.get(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE)); + + if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL))) + dbconfig.setTrustedCACertificates(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL)); + + + return dbconfig; + } + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java new file mode 100644 index 000000000..2a8cd9c1c --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java @@ -0,0 +1,69 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.config; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; + +import javax.xml.bind.JAXBException; + +/** + * @author tlenz + * + */ +public class MigrationTest { + + public static void main(String[] args) { + + String inputFile = "D:/Projekte/svn/moa-id/MOAID-2.0_config_test.xml"; + String outputFile = "D:/Projekte/svn/moa-id/MOAID-3.0_config.propery"; + + String moaidconfig = "D:/Projekte/svn/moa-id/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id/moa-id.properties"; + try { + FileInputStream input = new FileInputStream(inputFile); + File out = new File(outputFile); + + ConfigurationUtil utils = new ConfigurationUtil(true); + utils.readFromXMLFileConvertToPropertyFile(input, out); + + FileInputStream dbInput = new FileInputStream(outputFile); + utils.readFromFileWriteToDB(dbInput, moaidconfig); + + + } catch (JAXBException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java new file mode 100644 index 000000000..626db2167 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java @@ -0,0 +1,101 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.utils; + +/** + * @author tlenz + * + */ +public class KeyValueUtils { + + /** + * Extract the first child of an input key after a the prefix + * + * @param key: Full input key + * @param prefix: Prefix + * @return Child key {String} if it exists or null + */ + public static String getFirstChildAfterPrefix(String key, String prefix) { + String idAfterPrefix = removePrefixFromKey(key, prefix); + if (idAfterPrefix != null) { + int index = idAfterPrefix.indexOf("."); + if (index > 0) { + String adding = idAfterPrefix.substring(0, index); + if (!(adding.isEmpty())) { + return adding; + + } + } else if (!(idAfterPrefix.isEmpty())) { + return idAfterPrefix; + + } + + } + return null; + } + + /** + * Extract the prefix from an input key + * + * @param key: Full input key + * @param suffix: Suffix of this key + * @return Prefix {String} of the key or null if input key does not ends with postfix string + */ + public static String getPrefixFromKey(String key, String suffix) { + if (key != null && key.endsWith(suffix)) { + String idPreforeSuffix = key.substring(0, key.length()-suffix.length()); + if (idPreforeSuffix.endsWith(".")) + return idPreforeSuffix.substring(0, idPreforeSuffix.length()-1); + else + return idPreforeSuffix; + } + return null; + + } + + /** + * Remove a prefix string from a key + * + * @param key: Full input key + * @param prefix: Prefix, which should be removed + * @return The suffix of the input key or null if the input does not starts with the prefix + */ + public static String removePrefixFromKey(String key, String prefix) { + if (prefix == null) + prefix = new String(); + + if (key!=null && key.startsWith(prefix)) { + String afterPrefix = key.substring(prefix.length()); + int index = afterPrefix.indexOf("."); + + if (index == 0) { + afterPrefix = afterPrefix.substring(1); + + } + return afterPrefix; + + } + return null; + } + +} |