aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-modul-citizencard_authentication/src/main/java')
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java86
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java11
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java5
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java6
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java408
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java20
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java22
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java21
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java185
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java29
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java41
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java11
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java37
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java22
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java21
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java14
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java6
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java8
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java42
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java210
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java302
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java6
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java11
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java4
29 files changed, 296 insertions, 1242 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 3d0073276..a77ba45a5 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -4,7 +4,6 @@ package at.gv.egovernment.moa.id.auth;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.util.Calendar;
@@ -21,27 +20,30 @@ import org.apache.xpath.XPathAPI;
import org.opensaml.xml.util.Base64;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
-import org.springframework.util.Base64Utils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
+import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.BKUException;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.exception.ServiceException;
@@ -53,29 +55,25 @@ import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
+import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
+import at.gv.egovernment.moa.id.commons.api.exceptions.BKUException;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl;
-import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.id.logging.SpecificTraceLogger;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.egovernment.moaspss.logging.LogMsg;
@@ -96,7 +94,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
@Autowired private MOAReversionLogger revisionsLogger;
@Autowired private AuthConfiguration authConfig;
-
+
/**
* Constructor for AuthenticationServer.
*/
@@ -148,12 +146,12 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
//load OnlineApplication configuration
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[]{pendingReq.getOAURL()});
+ throw new AuthenticationException("auth.00", new Object[]{pendingReq.getSPEntityId()});
//load Template
- String templateURL = pendingReq.getGenericData(
+ String templateURL = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE, String.class);
String template = null;
if (MiscUtil.isNotEmpty(templateURL)) {
@@ -203,7 +201,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//build DataURL for BKU request
String dataURL = new DataURLBuilder().buildDataURL(
- pendingReq.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, pendingReq.getRequestID());
+ pendingReq.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, pendingReq.getPendingRequestId());
//removed in MOAID 2.0
String pushInfobox = "";
@@ -298,7 +296,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
.build(identityLink, authConfig
- .getMoaSpIdentityLinkTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseIDLTestTrustStore()));
+ .getMoaSpIdentityLinkTrustProfileID(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).isUseIDLTestTrustStore()));
// invokes the call
Element domVerifyXMLSignatureResponse = SignatureVerificationInvoker.getInstance()
@@ -307,14 +305,15 @@ public class AuthenticationServer extends BaseAuthenticationServer {
IVerifiyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
domVerifyXMLSignatureResponse).parseData();
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
// validates the <VerifyXMLSignatureResponse>
VerifyXMLSignatureResponseValidator.getInstance().validate(
verifyXMLSignatureResponse,
authConfig.getIdentityLinkX509SubjectNames(),
VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK,
- oaParam);
+ oaParam,
+ authConfig);
session.setIdentityLink(identityLink);
// now validate the extended infoboxes
@@ -322,8 +321,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//Removed in MOA-ID 2.0
//verifyInfoboxes(session, infoboxReadResponseParameters, false);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED);
return "found!";
}
@@ -401,7 +399,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
throw new AuthenticationException("auth.10", new Object[]{
GET_MIS_SESSIONID, PARAM_SESSIONID});
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
try {
// sets the extended SAML attributes for OID (Organwalter)
setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam
@@ -436,9 +434,9 @@ public class AuthenticationServer extends BaseAuthenticationServer {
*/
public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
IAuthenticationSession session, IRequest pendingReq) throws ConfigurationException,
- BuildException, ValidateException {
+ BuildException, ValidateException, EAAFBuilderException {
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
// builds the AUTH-block
String authBlock = buildAuthenticationBlock(session, oaParam, pendingReq);
@@ -450,10 +448,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
.build(authBlock, oaParam.getKeyBoxIdentifier(),
transformsInfos);
- SpecificTraceLogger.trace("Req. Authblock: " + Base64Utils.encodeToString(createXMLSignatureRequest.getBytes()));
- SpecificTraceLogger.trace("OA config: " + pendingReq.getOnlineApplicationConfiguration().toString());
- SpecificTraceLogger.trace("saml1RequestedTarget: " + pendingReq.getGenericData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class));
- SpecificTraceLogger.trace("saml1RequestedFriendlyName: " + pendingReq.getGenericData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class));
+ SpecificTraceLogger.trace("Req. Authblock: " + createXMLSignatureRequest);
+ SpecificTraceLogger.trace("OA config: " + pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).toString());
+ SpecificTraceLogger.trace("saml1RequestedTarget: " + pendingReq.getRawData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class));
+ SpecificTraceLogger.trace("saml1RequestedFriendlyName: " + pendingReq.getRawData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class));
return createXMLSignatureRequest;
}
@@ -517,8 +515,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
xmlReadInfoboxResponse);
X509Certificate cert = p.parseCertificate();
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED);
return cert;
@@ -536,7 +533,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @throws ConfigurationException
*/
private String buildAuthenticationBlock(IAuthenticationSession session,
- IOAAuthParameters oaParam, IRequest pendingReq) throws BuildException, ConfigurationException {
+ IOAAuthParameters oaParam, IRequest pendingReq) throws BuildException, ConfigurationException, EAAFBuilderException {
IIdentityLink identityLink = session.getIdentityLink();
String issuer = identityLink.getName();
@@ -550,10 +547,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
String authURL = pendingReq.getAuthURL();
@Deprecated
- String saml1RequestedTarget = pendingReq.getGenericData(
+ String saml1RequestedTarget = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
@Deprecated
- String saml1RequestedFriendlyName = pendingReq.getGenericData(
+ String saml1RequestedFriendlyName = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class);
@@ -935,7 +932,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
public void verifyAuthenticationBlock(IRequest pendingReq, IAuthenticationSession session,
String xmlCreateXMLSignatureReadResponse)
throws AuthenticationException, BuildException, ParseException,
- ConfigurationException, ServiceException, ValidateException, BKUException {
+ ConfigurationException, ServiceException, ValidateException, BKUException, EAAFBuilderException {
if (session == null)
throw new AuthenticationException("auth.10", new Object[]{
@@ -965,13 +962,11 @@ public class AuthenticationServer extends BaseAuthenticationServer {
new CreateXMLSignatureResponseValidator().validateSSO(csresp, session, pendingReq);
else
- new CreateXMLSignatureResponseValidator().validate(csresp, session, pendingReq,
- authConfig.getBasicMOAIDConfigurationBoolean(
- ConfigurationProviderImpl.VALIDATION_AUTHBLOCK_TARGETFRIENDLYNAME, true));
+ new CreateXMLSignatureResponseValidator().validate(csresp, session, pendingReq);
// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
List<String> vtids = authConfig.getMoaSpAuthBlockVerifyTransformsInfoIDs();
- String tpid = authConfig.getMoaSpAuthBlockTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseAuthBlockTestTestStore());
+ String tpid = authConfig.getMoaSpAuthBlockTrustProfileID(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).isUseAuthBlockTestTestStore());
Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp,
vtids, tpid);
// debug output
@@ -1001,12 +996,13 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
}
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
// validates the <VerifyXMLSignatureResponse>
VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp,
null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK,
- oaParam);
+ oaParam,
+ authConfig);
// Compare AuthBlock Data with information stored in session, especially
// date and time
@@ -1040,10 +1036,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
session.setForeigner(false);
//set QAA Level four in case of card authentifcation
- session.setQAALevel(PVPConstants.STORK_QAA_1_4);
+ session.setQAALevel(PVPConstants.EIDAS_QAA_HIGH);
+
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED);
revisionsLogger.logPersonalInformationEvent(pendingReq, session.getIdentityLink()
);
@@ -1075,7 +1071,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
*/
protected Element createIdentificationBPK(Element mandatePerson,
- String baseid, String target) throws BuildException {
+ String baseid, String target) throws BuildException, EAAFBuilderException {
Element identificationBpK = mandatePerson.getOwnerDocument()
.createElementNS(Constants.PD_NS_URI, "Identification");
Element valueBpK = mandatePerson.getOwnerDocument().createElementNS(
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
index 9a807ca00..a2a38c9dd 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
@@ -31,10 +31,10 @@ import javax.xml.transform.TransformerException;
import org.w3c.dom.Element;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.StringUtils;
/**
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index bc28d4f0e..a2e03bc4e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -47,21 +47,21 @@ import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
@@ -69,8 +69,7 @@ import at.gv.egovernment.moa.util.StringUtils;
* Builder for the authentication block <code>&lt;saml:Assertion&gt;</code>
* to be included in a <code>&lt;CreateXMLSignatureResponse&gt;</code>.
*
- * @author Paul Ivancsics
- * @version $Id$
+ * @author Paul Ivancsics
*/
public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertionBuilder implements Constants {
@@ -163,7 +162,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
result.put(AUTHBLOCK_TEXT_PATTERN_TIME, timeformat.format(datetime.getTime()));
//set other values from pendingReq if exists
- Map<?,?> processSpecificElements = pendingReq.getGenericData(PENDING_REQ_AUTHBLOCK_TEXT_KEY, Map.class);
+ Map<?,?> processSpecificElements = pendingReq.getRawData(PENDING_REQ_AUTHBLOCK_TEXT_KEY, Map.class);
if (processSpecificElements != null && !processSpecificElements.isEmpty()) {
Logger.debug("Find process-specific patterns for 'special AuthBlock-Text'. Start processing ...");
Iterator<?> mapIterator = processSpecificElements.entrySet().iterator();
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
index a904242e1..8e80fbbbb 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
@@ -49,9 +49,9 @@ package at.gv.egovernment.moa.id.auth.builder;
import java.io.IOException;
import java.text.MessageFormat;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.FileUtils;
/**
* Builder for the <code>&lt;VerifyXMLSignatureRequest&gt;</code> structure
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index f7aba5e53..e4063903d 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -156,9 +156,10 @@ public class GetIdentityLinkFormBuilder extends Builder {
String dataURL,
String certInfoXMLRequest,
String certInfoDataURL,
- String pushInfobox, IOAAuthParameters oaParam,
+ String pushInfobox,
+ IOAAuthParameters oaParam,
String appletheigth,
- String appletwidth,
+ String appletwidth,
String contextURL)
throws BuildException
{
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
index 9dcc93e9f..fb65bac04 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
@@ -49,10 +49,10 @@ package at.gv.egovernment.moa.id.auth.builder;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
+import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
/**
* Builder for the <code>lt;pr:Person&gt;</code> element to be inserted
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java
index 306c871fc..ee58b7fa1 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java
@@ -50,9 +50,9 @@ import java.text.MessageFormat;
import org.w3c.dom.Element;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.StringUtils;
/**
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java
deleted file mode 100644
index e6adcf159..000000000
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java
+++ /dev/null
@@ -1,408 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.util.List;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the <code>&lt;VerifyXMLSignatureRequestBuilder&gt;</code> structure
- * used for sending the DSIG-Signature of the Security Layer card for validating to MOA-SP.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class VerifyXMLSignatureRequestBuilder {
-
- /** shortcut for XMLNS namespace URI */
- private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
- /** shortcut for MOA namespace URI */
- private static final String MOA_NS_URI = Constants.MOA_NS_URI;
- /** The DSIG-Prefix */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
-
- /** The document containing the <code>VerifyXMLsignatureRequest</code> */
- private Document requestDoc_;
- /** the <code>VerifyXMLsignatureRequest</code> root element */
- private Element requestElem_;
-
-
- /**
- * Builds the body for a <code>VerifyXMLsignatureRequest</code> including the root
- * element and namespace declarations.
- *
- * @throws BuildException If an error occurs on building the document.
- */
- public VerifyXMLSignatureRequestBuilder() throws BuildException {
- try {
- DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
- requestDoc_ = docBuilder.newDocument();
- requestElem_ = requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest");
- requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI);
- requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
- requestDoc_.appendChild(requestElem_);
- } catch (Throwable t) {
- throw new BuildException(
- "builder.00",
- new Object[] {"VerifyXMLSignatureRequest", t.toString()},
- t);
- }
- }
-
-
- /**
- * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
- * from an IdentityLink with a known trustProfileID which
- * has to exist in MOA-SP
- * @param identityLink - The IdentityLink
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- *
- * @return Element - The complete request as Dom-Element
- *
- * @throws ParseException
- */
- public Element build(IIdentityLink identityLink, String trustProfileID)
- throws ParseException
- {
- try {
- // build the request
- Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime");
- requestElem_.appendChild(dateTimeElem);
- Node dateTime = requestDoc_.createTextNode(identityLink.getIssueInstant());
- dateTimeElem.appendChild(dateTime);
- Element verifiySignatureInfoElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
- requestElem_.appendChild(verifiySignatureInfoElem);
- Element verifySignatureEnvironmentElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
- verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
- Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
- verifySignatureEnvironmentElem.appendChild(base64ContentElem);
- // insert the base64 encoded identity link SAML assertion
- String serializedAssertion = identityLink.getSerializedSamlAssertion();
- String base64EncodedAssertion = Base64Utils.encode(serializedAssertion.getBytes("UTF-8"));
- //replace all '\r' characters by no char.
- StringBuffer replaced = new StringBuffer();
- for (int i = 0; i < base64EncodedAssertion.length(); i ++) {
- char c = base64EncodedAssertion.charAt(i);
- if (c != '\r') {
- replaced.append(c);
- }
- }
- base64EncodedAssertion = replaced.toString();
- Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion);
- base64ContentElem.appendChild(base64Content);
- // specify the signature location
- Element verifySignatureLocationElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
- verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
- Node signatureLocation = requestDoc_.createTextNode(DSIG + "Signature");
- verifySignatureLocationElem.appendChild(signatureLocation);
- // signature manifest params
- Element signatureManifestCheckParamsElem =
- requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
- requestElem_.appendChild(signatureManifestCheckParamsElem);
- signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
- // add the transforms
- Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
- signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
- Element[] dsigTransforms = identityLink.getDsigReferenceTransforms();
-
- for (int i = 0; i < dsigTransforms.length; i++) {
- Element verifyTransformsInfoProfileElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfile");
- referenceInfoElem.appendChild(verifyTransformsInfoProfileElem);
- verifyTransformsInfoProfileElem.appendChild(requestDoc_.importNode(dsigTransforms[i], true));
- }
- Element returnHashInputDataElem =
- requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
- requestElem_.appendChild(returnHashInputDataElem);
- Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
- trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID));
- requestElem_.appendChild(trustProfileIDElem);
- } catch (Throwable t) {
- throw new ParseException("builder.00",
- new Object[] { "VerifyXMLSignatureRequest (IdentityLink)" }, t);
- }
-
- return requestElem_;
- }
-
- /**
- * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
- * from an IdentityLink with a known trustProfileID which
- * has to exist in MOA-SP
- * @param identityLink - The IdentityLink
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- *
- * @return Element - The complete request as Dom-Element
- *
- * @throws ParseException
- */
- public Element build(byte[]mandate, String trustProfileID)
- throws ParseException
- {
- try {
- // build the request
-// Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime");
-// requestElem_.appendChild(dateTimeElem);
-// Node dateTime = requestDoc_.createTextNode(identityLink.getIssueInstant());
-// dateTimeElem.appendChild(dateTime);
- Element verifiySignatureInfoElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
- requestElem_.appendChild(verifiySignatureInfoElem);
- Element verifySignatureEnvironmentElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
- verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
- Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
- verifySignatureEnvironmentElem.appendChild(base64ContentElem);
- // insert the base64 encoded identity link SAML assertion
- //String serializedAssertion = identityLink.getSerializedSamlAssertion();
- //String base64EncodedAssertion = Base64Utils.encode(mandate.getBytes("UTF-8"));
- String base64EncodedAssertion = Base64Utils.encode(mandate);
- //replace all '\r' characters by no char.
- StringBuffer replaced = new StringBuffer();
- for (int i = 0; i < base64EncodedAssertion.length(); i ++) {
- char c = base64EncodedAssertion.charAt(i);
- if (c != '\r') {
- replaced.append(c);
- }
- }
- base64EncodedAssertion = replaced.toString();
- Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion);
- base64ContentElem.appendChild(base64Content);
- // specify the signature location
- Element verifySignatureLocationElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
- verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
- Node signatureLocation = requestDoc_.createTextNode(DSIG + "Signature");
- verifySignatureLocationElem.appendChild(signatureLocation);
- // signature manifest params
- Element signatureManifestCheckParamsElem =
- requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
- requestElem_.appendChild(signatureManifestCheckParamsElem);
- signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
-// // add the transforms
-// Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
-// signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
-// Element[] dsigTransforms = identityLink.getDsigReferenceTransforms();
-//
-// for (int i = 0; i < dsigTransforms.length; i++) {
-// Element verifyTransformsInfoProfileElem =
-// requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfile");
-// referenceInfoElem.appendChild(verifyTransformsInfoProfileElem);
-// verifyTransformsInfoProfileElem.appendChild(requestDoc_.importNode(dsigTransforms[i], true));
-// }
- Element returnHashInputDataElem =
- requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
- requestElem_.appendChild(returnHashInputDataElem);
- Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
- trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID));
- requestElem_.appendChild(trustProfileIDElem);
- } catch (Throwable t) {
- throw new ParseException("builder.00",
- new Object[] { "VerifyXMLSignatureRequest (IdentityLink)" }, t);
- }
-
- return requestElem_;
- }
-
-
- /**
- * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
- * from the signed AUTH-Block with a known trustProfileID which
- * has to exist in MOA-SP
- * @param csr - signed AUTH-Block
- * @param verifyTransformsInfoProfileID - allowed verifyTransformsInfoProfileID
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- * @return Element - The complete request as Dom-Element
- * @throws ParseException
- */
- public Element build(
- CreateXMLSignatureResponse csr,
- List<String> verifyTransformsInfoProfileID,
- String trustProfileID)
- throws BuildException { //samlAssertionObject
-
- try {
- // build the request
-// requestElem_.setAttributeNS(Constants.XMLNS_NS_URI, "xmlns:"
-// + Constants.XML_PREFIX, Constants.XMLNS_NS_URI);
- Element verifiySignatureInfoElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
- requestElem_.appendChild(verifiySignatureInfoElem);
- Element verifySignatureEnvironmentElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
- verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
- Element xmlContentElem = requestDoc_.createElementNS(MOA_NS_URI, "XMLContent");
- verifySignatureEnvironmentElem.appendChild(xmlContentElem);
- xmlContentElem.setAttribute(Constants.XML_PREFIX + ":space", "preserve");
- // insert the SAML assertion
- xmlContentElem.appendChild(requestDoc_.importNode(csr.getSamlAssertion(), true));
- // specify the signature location
- Element verifySignatureLocationElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
- verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
- Node signatureLocation = requestDoc_.createTextNode(DSIG + "Signature");
- verifySignatureLocationElem.appendChild(signatureLocation);
- // signature manifest params
- Element signatureManifestCheckParamsElem =
- requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
- requestElem_.appendChild(signatureManifestCheckParamsElem);
- signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "true");
- // add the transform profile IDs
- Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
- signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
-
-// for (int i = 0; i < verifyTransformsInfoProfileID.length; i++) {
-//
-// Element verifyTransformsInfoProfileIDElem =
-// requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID");
-// referenceInfoElem.appendChild(verifyTransformsInfoProfileIDElem);
-// verifyTransformsInfoProfileIDElem.appendChild(
-// requestDoc_.createTextNode(verifyTransformsInfoProfileID[i]));
-// }
-
- for (String element : verifyTransformsInfoProfileID) {
-
- Element verifyTransformsInfoProfileIDElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID");
- referenceInfoElem.appendChild(verifyTransformsInfoProfileIDElem);
- verifyTransformsInfoProfileIDElem.appendChild(
- requestDoc_.createTextNode(element));
- }
-
- Element returnHashInputDataElem =
- requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
- requestElem_.appendChild(returnHashInputDataElem);
- Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
- trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID));
- requestElem_.appendChild(trustProfileIDElem);
-
- } catch (Throwable t) {
- throw new BuildException("builder.00", new Object[] { "VerifyXMLSignatureRequest" }, t);
- }
-
- return requestElem_;
- }
-
- /**
- * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
- * from the signed data with a known trustProfileID which
- * has to exist in MOA-SP
- * @param csr - signed AUTH-Block
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- * @return Element - The complete request as Dom-Element
- * @throws ParseException
- */
- public Element buildDsig(
- CreateXMLSignatureResponse csr,
- String trustProfileID)
- throws BuildException { //samlAssertionObject
-
- try {
- // build the request
-// requestElem_.setAttributeNS(Constants.XMLNS_NS_URI, "xmlns:"
-// + Constants.XML_PREFIX, Constants.XMLNS_NS_URI);
-
- Element verifiySignatureInfoElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
- requestElem_.appendChild(verifiySignatureInfoElem);
- Element verifySignatureEnvironmentElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
- verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
-
- Element xmlContentElem = requestDoc_.createElementNS(MOA_NS_URI, "XMLContent");
- verifySignatureEnvironmentElem.appendChild(xmlContentElem);
- xmlContentElem.setAttribute(Constants.XML_PREFIX + ":space", "preserve");
-
- // insert the dsig:Signature
- xmlContentElem.appendChild(requestDoc_.importNode(csr.getDsigSignature(), true));
- // specify the signature location
- Element verifySignatureLocationElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
- verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
- Node signatureLocation = requestDoc_.createTextNode("/"+ DSIG + "Signature");
- verifySignatureLocationElem.appendChild(signatureLocation);
- // signature manifest params
- Element signatureManifestCheckParamsElem =
- requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
- requestElem_.appendChild(signatureManifestCheckParamsElem);
- signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "true");
- // add the transform profile IDs
- Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
- signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
-
- Element returnHashInputDataElem =
- requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
- requestElem_.appendChild(returnHashInputDataElem);
- Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
-
- trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID));
- requestElem_.appendChild(trustProfileIDElem);
-
- } catch (Throwable t) {
- throw new BuildException("builder.00", new Object[] { "VerifyXMLSignatureRequest" }, t);
- }
-
- return requestElem_;
- }
-
-}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
index 7caf2f5a1..1962d6c82 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
@@ -3,9 +3,9 @@ package at.gv.egovernment.moa.id.auth.modules.internal;
import org.apache.commons.lang3.StringUtils;
-import at.gv.egovernment.moa.id.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
/**
* Module descriptor
@@ -16,7 +16,7 @@ public class DefaultCitizenCardAuthModuleImpl implements AuthModule {
public int getPriority() {
return 0;
}
-
+
@Override
public String selectProcess(ExecutionContext context) {
//select process if BKU is selected and it is no STORK authentication
@@ -26,10 +26,16 @@ public class DefaultCitizenCardAuthModuleImpl implements AuthModule {
if (performBKUSelectionObj != null && performBKUSelectionObj instanceof Boolean)
performBKUSelection = (boolean) performBKUSelectionObj;
- if ( (StringUtils.isBlank((String) context.get("ccc")) &&
- StringUtils.isBlank((String) context.get("CCC")) ) &&
- StringUtils.isNotBlank((String) context.get(MOAIDAuthConstants.PARAM_BKU)) &&
- !performBKUSelection)
+ if ( (StringUtils.isBlank((String) context.get("ccc"))
+ && StringUtils.isBlank((String) context.get("CCC"))
+// && ( StringUtils.isBlank((String) context.get("useeIDAS"))
+// || ( StringUtils.isNotBlank((String) context.get("useeIDAS"))
+// && !Boolean.parseBoolean((String) context.get("useeIDAS"))
+// )
+// )
+ )
+ && StringUtils.isNotBlank((String) context.get(MOAIDAuthConstants.PARAM_BKU)) && !performBKUSelection )
+
return "DefaultAuthentication";
else
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
index 000a47438..3eb7225a8 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
@@ -10,15 +10,15 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.BooleanUtils;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -50,10 +50,9 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
throws TaskExecutionException {
Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
- try {
- //execute default task initialization
- defaultTaskInitialization(req, executionContext);
-
+ try {
+ //execute default task initialization
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
boolean useMandate = moasession.isMandateUsed();
boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable"));
if (!identityLinkAvailable && useMandate) {
@@ -66,7 +65,7 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
// build dataurl (to the VerifyCertificateSerlvet)
String dataurl = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), REQ_VERIFY_CERTIFICATE,
- pendingReq.getRequestID());
+ pendingReq.getPendingRequestId());
CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest,
AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
@@ -77,9 +76,6 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
} catch (IOException e) {
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
- } catch (MOADatabaseException e1) {
- throw new TaskExecutionException(pendingReq, e1.getMessage(), e1);
-
} finally {
}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
index e1495f254..50add6beb 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
@@ -10,14 +10,15 @@ import org.springframework.stereotype.Component;
import com.google.common.net.MediaType;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;
@@ -61,20 +62,18 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
- try {
+ try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
-
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
+
//normal MOA-ID authentication
Logger.debug("Starting normal MOA-ID authentication");
String getIdentityLinkForm = authServer.startAuthentication(moasession, req, pendingReq);
if (BooleanUtils.isTrue((Boolean) executionContext.get("useMandate")))
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL());
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL());
if (!StringUtils.isEmpty(getIdentityLinkForm)) {
byte[] content = getIdentityLinkForm.getBytes("UTF-8");
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
index ba778002d..ef9ddc1cd 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
@@ -1,42 +1,18 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.PARAM_XMLRESPONSE;
-import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.cert.CertificateException;
-import java.util.Map;
-
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.xml.transform.TransformerException;
-import org.apache.commons.fileupload.FileUploadException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
-import org.w3c.dom.Element;
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.client.utils.SZRGWClientUtils;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
/**
* Evaluates the {@code CreateXMLSignatureResponse}, extracts signature and certificate and asks the SZR Gateway for an identity link.<p/>
@@ -71,86 +47,87 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
-
- Logger.debug("POST GetForeignIDServlet");
-
- Map<String, String> parameters;
-
try {
- parameters = getParameters(req);
-
- } catch (FileUploadException | IOException e) {
- Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new TaskExecutionException(pendingReq, "Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
- }
-
- try {
- //check if response exists
- String xmlCreateXMLSignatureResponse = (String) parameters.get(PARAM_XMLRESPONSE);
- if (!ParamValidatorUtils.isValidXMLDocument(xmlCreateXMLSignatureResponse)) {
- throw new WrongParametersException("GetForeignID", PARAM_XMLRESPONSE, "auth.12");
-
- }
- Logger.debug(xmlCreateXMLSignatureResponse);
-
- //execute default task initialization
- defaultTaskInitialization(req, executionContext);
-
-
- CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse)
- .parseResponseDsig();
-
- try {
- String serializedAssertion = DOMUtils.serializeNode(csresp.getDsigSignature());
- moasession.setAuthBlock(serializedAssertion);
+ throw new MOAIDException("auth.36", new Object[]{"Foreign authentication IS ONLY supported by using eIDAS"});
- } catch (TransformerException e) {
- throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-
- } catch (IOException e) {
- throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-
- }
-
- Element signature = csresp.getDsigSignature();
-
- try {
- moasession.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature));
-
- } catch (CertificateException e) {
- Logger.error("Could not extract certificate from CreateXMLSignatureResponse");
- throw new MOAIDException("auth.14", null);
- }
-
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_CONNECTED);
- // make SZR request to the identity link
- CreateIdentityLinkResponse response = SZRGWClientUtils.getIdentityLink(pendingReq, signature);
-
- if (null != response.getErrorResponse()) {
- // TODO fix exception parameter
- throw new SZRGWClientException("service.08", (String) response.getErrorResponse().getErrorCode(),
- (String) response.getErrorResponse().getInfo());
- } else {
- IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(
- response.getIdentityLink()));
- IIdentityLink identitylink = ilParser.parseIdentityLink();
- moasession.setIdentityLink(identitylink);
-
- // set QAA Level four in case of card authentifcation
- moasession.setQAALevel(PVPConstants.STORK_QAA_1_4);
-
- authServer.getForeignAuthenticationData(moasession);
-
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED);
-
- //store pending request
- requestStoreage.storePendingRequest(pendingReq);
-
-
- }
+// Logger.debug("POST GetForeignIDServlet");
+//
+// Map<String, String> parameters;
+//
+//
+// parameters = getParameters(req);
+//
+// } catch (FileUploadException | IOException e) {
+// Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
+// throw new TaskExecutionException(pendingReq, "Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
+// }
+//
+// try {
+// //check if response exists
+// String xmlCreateXMLSignatureResponse = (String) parameters.get(PARAM_XMLRESPONSE);
+// if (!ParamValidatorUtils.isValidXMLDocument(xmlCreateXMLSignatureResponse)) {
+// throw new WrongParametersException("GetForeignID", PARAM_XMLRESPONSE, "auth.12");
+//
+// }
+// Logger.debug(xmlCreateXMLSignatureResponse);
+//
+// //execute default task initialization
+// AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+//
+// CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse)
+// .parseResponseDsig();
+//
+// try {
+// String serializedAssertion = DOMUtils.serializeNode(csresp.getDsigSignature());
+// moasession.setAuthBlock(serializedAssertion);
+//
+// } catch (TransformerException e) {
+// throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
+//
+// } catch (IOException e) {
+// throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
+//
+// }
+//
+// Element signature = csresp.getDsigSignature();
+//
+// try {
+// moasession.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature));
+//
+// } catch (CertificateException e) {
+// Logger.error("Could not extract certificate from CreateXMLSignatureResponse");
+// throw new MOAIDException("auth.14", null);
+// }
+//
+// revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_CONNECTED);
+//
+// // make SZR request to the identity link
+// CreateIdentityLinkResponse response = SZRGWClientUtils.getIdentityLink(pendingReq, signature);
+//
+// if (null != response.getErrorResponse()) {
+// // TODO fix exception parameter
+// throw new SZRGWClientException("service.08", (String) response.getErrorResponse().getErrorCode(),
+// (String) response.getErrorResponse().getInfo());
+// } else {
+// IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(
+// response.getIdentityLink()));
+// IIdentityLink identitylink = ilParser.parseIdentityLink();
+// moasession.setIdentityLink(identitylink);
+//
+// // set QAA Level four in case of card authentifcation
+// moasession.setQAALevel(PVPConstants.EIDAS_QAA_HIGH);
+//
+// authServer.getForeignAuthenticationData(moasession);
+//
+// revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED);
+//
+// //store pending request
+// pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
+// requestStoreage.storePendingRequest(pendingReq);
+//
+//
+// }
} catch (MOAIDException ex) {
throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
index 3383cf201..e4966a53b 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -15,20 +15,23 @@ import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import org.xml.sax.SAXException;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.data.MISMandate;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
import iaik.pki.PKIException;
/**
@@ -58,28 +61,29 @@ import iaik.pki.PKIException;
public class GetMISSessionIDTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+ @Autowired private AuthConfiguration moaAuthConfig;
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
-
+
Logger.debug("POST GetMISSessionIDServlet");
try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
//get MIS sessionID
String misSessionID = moasession.getMISSessionID();
//get mandates from MIS
- ConnectionParameterInterface connectionParameters = authConfig
- .getOnlineMandatesConnectionParameter(pendingReq.getOnlineApplicationConfiguration());
+ ConnectionParameterInterface connectionParameters = moaAuthConfig
+ .getOnlineMandatesConnectionParameter(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class));
SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(
- authConfig,
+ moaAuthConfig,
connectionParameters);
List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest(
- connectionParameters.getUrl(), misSessionID, sslFactory, authConfig);
+ connectionParameters.getUrl(), misSessionID, sslFactory, moaAuthConfig);
//check if mandates received
if (list == null || list.size() == 0) {
@@ -87,8 +91,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
throw new AuthenticationException("auth.15", null);
}
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED);
// for now: list contains only one element
@@ -114,7 +117,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
moasession.setMISMandate(mandate);
//log mandate specific set of events
- revisionsLogger.logMandateEventSet(pendingReq, mandate);
+ //revisionsLogger.logMandateEventSet(pendingReq, mandate);
//store pending request with new MOASession data information
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
index 88a235978..65ae9cf91 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
@@ -30,19 +30,22 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
/**
@@ -53,11 +56,12 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
@Autowired StartAuthentificationParameterParser authInitialisationParser;
+ @Autowired private AuthConfiguration moaAuthConfig;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
- @Override
+ @Override
public void execute(ExecutionContext executionContext,
HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
@@ -81,10 +85,12 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
}
protected void internalInitializeWithoutPersist(ExecutionContext executionContext,
- HttpServletRequest request, HttpServletResponse response) throws WrongParametersException, MOAIDException, MOADatabaseException {
+ HttpServletRequest request, HttpServletResponse response) throws EAAFException {
Logger.info("BKU is selected -> Start BKU communication ...");
- defaultTaskInitialization(request, executionContext);
+ //AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+
+ AuthenticationSessionWrapper moasession = ((RequestImpl)pendingReq).getSessionData(AuthenticationSessionWrapper.class);
boolean isLegacyRequest = false;
Object isLegacyRequestObj = executionContext.get("isLegacyRequest");
@@ -109,26 +115,25 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
}
//load OA Config
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { pendingReq.getOAURL() });
+ throw new AuthenticationException("auth.00", new Object[] { pendingReq.getSPEntityId() });
else {
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid);
//get Target from config or from request in case of SAML 1
String target = null;
- if (MiscUtil.isNotEmpty(pendingReq.getGenericData("saml1_target", String.class)) &&
+ if (MiscUtil.isNotEmpty(pendingReq.getRawData("saml1_target", String.class)) &&
pendingReq.requestedModule().equals("at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol"))
- target = pendingReq.getGenericData("saml1_target", String.class);
+ target = pendingReq.getRawData("saml1_target", String.class);
String bkuURL = oaParam.getBKUURL(bkuid);
if (MiscUtil.isEmpty(bkuURL)) {
Logger.info("No OA specific BKU defined. Use BKU from default configuration");
- bkuURL = authConfig.getDefaultBKUURL(bkuid);
+ bkuURL = moaAuthConfig.getDefaultBKUURL(bkuid);
}
//search for OA specific template
@@ -139,13 +144,13 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
templateURL = oaTemplateURLList.get(0);
} else {
- templateURL = authConfig.getSLRequestTemplates(bkuid);
+ templateURL = moaAuthConfig.getSLRequestTemplates(bkuid);
}
//make url absolut if it is a local url
if (MiscUtil.isNotEmpty(templateURL))
templateURL = FileUtils.makeAbsoluteURL(templateURL,
- authConfig.getRootConfigFileDir());
+ moaAuthConfig.getRootConfigFileDir());
if (oaParam.isOnlyMandateAllowed())
useMandate = "true";
@@ -156,7 +161,7 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
//parse all OA parameters i
authInitialisationParser.parse( moasession,
target,
- pendingReq.getOAURL(),
+ pendingReq.getSPEntityId(),
bkuURL,
templateURL,
useMandate,
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index f7a816c74..a02032e74 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -7,11 +7,12 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -40,7 +41,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet
@@ -49,7 +50,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
try {
//initialize task
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
//build authBlock
String createXMLSignatureRequest = authServer
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
index d2fd4d1de..dd7890b7e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
@@ -30,23 +30,26 @@ import javax.net.ssl.SSLSocketFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.w3c.dom.Element;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
+import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MISSimpleClientException;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
/**
* @author tlenz
@@ -55,7 +58,9 @@ import at.gv.egovernment.moa.util.DOMUtils;
@Component("PrepareGetMISMandateTask")
public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
- /* (non-Javadoc)
+ @Autowired private AuthConfiguration moaAuthConfig;
+
+ /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
@@ -66,11 +71,11 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
//mandate Mode
try {
//perform default task initialization
- defaultTaskInitialization(request, executionContext);
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
ConnectionParameterInterface connectionParameters =
- authConfig.getOnlineMandatesConnectionParameter(pendingReq.getOnlineApplicationConfiguration());
- SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(authConfig, connectionParameters);
+ moaAuthConfig.getOnlineMandatesConnectionParameter(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class));
+ SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(moaAuthConfig, connectionParameters);
// get identitity link as byte[]
Element elem = moasession.getIdentityLink().getSamlAssertion();
@@ -83,9 +88,9 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
String redirectURL = new DataURLBuilder().buildDataURL(
pendingReq.getAuthURL(),
GET_MIS_SESSIONID,
- pendingReq.getRequestID());
+ pendingReq.getPendingRequestId());
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
List<String> profiles = oaParam.getMandateProfiles();
if (profiles == null) {
@@ -101,8 +106,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
//TODO: check in case of SSO!!!
String targetType = oaParam.getAreaSpecificTargetIdentifier();
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue);
MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(
connectionParameters.getUrl(),
@@ -115,7 +119,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
targetType,
authBlock,
sslFactory,
- authConfig);
+ moaAuthConfig);
if (misSessionID == null) {
Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
@@ -129,8 +133,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
//store pending request with new MOASession data information
requestStoreage.storePendingRequest(pendingReq);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
response.setStatus(302);
response.addHeader("Location", redirectMISGUI);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
index 5730224e5..c8b562282 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
@@ -3,7 +3,6 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.PARAM_XMLRESPONSE;
import java.io.IOException;
-import java.io.UnsupportedEncodingException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
@@ -13,19 +12,17 @@ import org.apache.commons.fileupload.FileUploadException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
-import org.springframework.util.Base64Utils;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.logging.SpecificTraceLogger;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
/**
* Verifies the signed authentication block (provided as {@code CreateXMLSignatureResponse}).<p/>
@@ -59,7 +56,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
* Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet}.
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
- */
+ */
@Component("VerifyAuthenticationBlockTask")
public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
@@ -83,19 +80,16 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
}
String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
- if (createXMLSignatureResponse != null)
- SpecificTraceLogger.trace("Raw signed AuthBlock: " + Base64Utils.encodeToString(createXMLSignatureResponse.getBytes()));
-
+
try {
//check if authblock is received
if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse))
throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
//verify authBlock
authServer.verifyAuthenticationBlock(pendingReq, moasession, createXMLSignatureResponse);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index 6aefb75a1..9f1f23344 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -13,14 +13,15 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.util.CertificateUtils;
@@ -56,7 +57,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
@@ -76,10 +77,9 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
//read certificate from response
X509Certificate cert = authServer.getCertificate(pendingReq, parameters);
@@ -113,8 +113,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
}
// Foreign Identities Modus
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND);
String createXMLSignatureRequest = authServer.createXMLSignatureRequestForeignID(pendingReq, cert);
@@ -123,7 +122,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
new DataURLBuilder().buildDataURL(
pendingReq.getAuthURL(),
REQ_GET_FOREIGN_ID,
- pendingReq.getRequestID());
+ pendingReq.getPendingRequestId());
CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
index 4408f3852..b7c45a032 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
@@ -10,13 +10,14 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -48,7 +49,7 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
@@ -65,10 +66,9 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
//verify identityLink
boolean identityLinkAvailable = authServer.verifyIdentityLink(pendingReq, moasession, parameters) != null;
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java
index eca231094..0b5db368f 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java
@@ -58,14 +58,14 @@ import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.w3c.dom.traversal.NodeIterator;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
+import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.data.SAMLAttribute;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.BKUException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
+import at.gv.egovernment.moa.id.commons.api.exceptions.BKUException;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
/**
* Parses an <code>&lt;InfoboxReadResponse&gt;</code> returned from
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java
index 390467bf8..4c9c15e99 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java
@@ -53,12 +53,12 @@ import java.util.Vector;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egovernment.moa.id.auth.data.InfoboxToken;
import at.gv.egovernment.moa.id.auth.data.InfoboxTokenImpl;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
/**
* Parses and unmarshales <code>InfoboxReadResponse<code>.
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
index 154092b03..8458bce01 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
@@ -63,14 +63,14 @@ import org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
+import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.BKUException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
+import at.gv.egovernment.moa.id.commons.api.exceptions.BKUException;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
import iaik.x509.X509Certificate;
/**
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java
index 139be49fe..582af517c 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java
@@ -31,6 +31,8 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
+
/**
* @author tlenz
*
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index 1d2887e6a..ab9be7163 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -54,31 +54,31 @@ import java.util.List;
import javax.xml.bind.DatatypeConverter;
import org.jaxen.SimpleNamespaceContext;
-import org.springframework.util.Base64Utils;
import org.w3c.dom.Element;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.data.SAMLAttribute;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.ValidateException;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.id.logging.SpecificTraceLogger;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
/**
*
@@ -136,18 +136,18 @@ public class CreateXMLSignatureResponseValidator {
* @throws BuildException
* @throws ConfigurationException
*/
- public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, IAuthenticationSession session, IRequest pendingReq, boolean validateTargetFriendlyName)
- throws ValidateException, BuildException, ConfigurationException {
+ public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, IAuthenticationSession session, IRequest pendingReq)
+ throws ValidateException, BuildException, ConfigurationException, EAAFBuilderException {
// A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
String oaURL = oaParam.getPublicURLPrefix();
IIdentityLink identityLink = session.getIdentityLink();
@Deprecated
- String saml1RequestedTarget = pendingReq.getGenericData(
+ String saml1RequestedTarget = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
@Deprecated
- String saml1RequestedFriendlyName = pendingReq.getGenericData(
+ String saml1RequestedFriendlyName = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class);
try {
@@ -273,16 +273,8 @@ public class CreateXMLSignatureResponseValidator {
}
String refValueSector = userSectorId.getSecond().substring(MOAIDAuthConstants.PREFIX_CDID.length()) + " (" + sectorName + ")";
- if (!refValueSector.equals((String)samlAttribute.getValue())) {
- if (validateTargetFriendlyName)
- throw new ValidateException("validator.13", new Object[] {(String)samlAttribute.getValue(), refValueSector});
-
- else {
- Logger.warn("AuthBlock 'TargetFriendlyName' " + samlAttribute.getValue() + " does not match to " + refValueSector);
-
- }
-
- }
+ if (!refValueSector.equals((String)samlAttribute.getValue()))
+ throw new ValidateException("validator.13", new Object[] {(String)samlAttribute.getValue(), refValueSector});
} else
throw new ValidateException("validator.12", null);
@@ -438,7 +430,7 @@ public class CreateXMLSignatureResponseValidator {
} catch (Exception e) {
SpecificTraceLogger.trace("Validate AuthBlock without SSO");
- SpecificTraceLogger.trace("Signed AuthBlock: " + Base64Utils.encodeToString(session.getAuthBlock().getBytes()));
+ SpecificTraceLogger.trace("Signed AuthBlock: " + session.getAuthBlock());
SpecificTraceLogger.trace("OA config: " + oaParam.toString());
SpecificTraceLogger.trace("saml1RequestedTarget: " + saml1RequestedTarget);
SpecificTraceLogger.trace("saml1RequestedFriendlyName: " + saml1RequestedFriendlyName);
@@ -671,12 +663,12 @@ public class CreateXMLSignatureResponseValidator {
} catch (Exception e) {
SpecificTraceLogger.trace("Validate AuthBlock with SSO");
- SpecificTraceLogger.trace("Signed AuthBlock: " + Base64Utils.encodeToString(session.getAuthBlock().getBytes()));
- SpecificTraceLogger.trace("OA config: " + pendingReq.getOnlineApplicationConfiguration().toString());
+ SpecificTraceLogger.trace("Signed AuthBlock: " + session.getAuthBlock());
+ SpecificTraceLogger.trace("OA config: " + pendingReq.getServiceProviderConfiguration().toString());
throw e;
}
-
+
}
public void validateSigningDateTime( CreateXMLSignatureResponse csresp) throws ValidateException {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java
deleted file mode 100644
index f3ce6888b..000000000
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java
+++ /dev/null
@@ -1,210 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.exception.ValidateException;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * This class is used to validate an {@link IdentityLink}
- * returned by the security layer
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class IdentityLinkValidator implements Constants {
-
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching PersonData Namespaces */
- private static final String PDATA = PD_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = DSIG_PREFIX + ":";
- /** Xpath prefix for reaching ECDSA Namespaces */
- private static final String ECDSA = ECDSA_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "";
- /** Xpath expression to the SAML:SubjectConfirmationData element */
- private static final String SAML_SUBJECT_CONFIRMATION_DATA_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Subject/"
- + SAML
- + "SubjectConfirmation/"
- + SAML
- + "SubjectConfirmationData";
-/** Xpath expression to the PersonData:Person element */
- private static final String PERSON_XPATH =
- SAML_SUBJECT_CONFIRMATION_DATA_XPATH + "/" + PDATA + "Person";
- /** Xpath expression to the SAML:Attribute element */
- private static final String ATTRIBUTE_XPATH =
- ROOT + SAML + "AttributeStatement/" + SAML + "Attribute";
-// /** Xpath expression to the SAML:AttributeName attribute */
-// private static final String ATTRIBUTE_NAME_XPATH =
-// ROOT + SAML + "AttributeStatement/" + SAML + "Attribute/@AttributeName";
-// /** Xpath expression to the SAML:AttributeNamespace attribute */
-// private static final String ATTRIBUTE_NAMESPACE_XPATH =
-// ROOT
-// + SAML
-// + "AttributeStatement/"
-// + SAML
-// + "Attribute/@AttributeNamespace";
-// /** Xpath expression to the SAML:AttributeValue element */
-// private static final String ATTRIBUTE_VALUE_XPATH =
-// ROOT
-// + SAML
-// + "AttributeStatement/"
-// + SAML
-// + "Attribute/"
-// + SAML
-// + "AttributeValue";
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static IdentityLinkValidator instance;
-
- /**
- * Constructor for a singleton IdentityLinkValidator.
- * @return a new IdentityLinkValidator instance
- * @throws ValidateException if no instance can be created
- */
- public static synchronized IdentityLinkValidator getInstance()
- throws ValidateException {
- if (instance == null) {
- instance = new IdentityLinkValidator();
- }
- return instance;
- }
-
- /**
- * Method validate. Validates the {@link IdentityLink}
- * @param identityLink The identityLink to validate
- * @throws ValidateException on any validation error
- */
- public void validate(IIdentityLink identityLink) throws ValidateException {
-
- Element samlAssertion = identityLink.getSamlAssertion();
- //Search the SAML:ASSERTION Object (A2.054)
- if (samlAssertion == null) {
- throw new ValidateException("validator.00", null);
- }
-
- // Check how many saml:Assertion/saml:AttributeStatement/
- // saml:Subject/ saml:SubjectConfirmation/
- // saml:SubjectConfirmationData/pr:Person of type
- // PhysicalPersonType exist (A2.056)
- NodeList nl = XPathUtils.selectNodeList(samlAssertion, PERSON_XPATH);
- // If we have just one Person-Element we don't need to check the attributes
- int counterPhysicalPersonType = 0;
- if (nl.getLength() > 1)
- for (int i = 0; i < nl.getLength(); i++) {
- String xsiType =
- ((Element) nl.item(i))
- .getAttributeNodeNS(
- "http://www.w3.org/2001/XMLSchema-instance",
- "type")
- .getNodeValue();
- // We have to check if xsiType contains "PhysicalPersonType"
- // An equal-check will fail because of the Namespace-prefix of the attribute value
- if (xsiType.indexOf("PhysicalPersonType") > -1)
- counterPhysicalPersonType++;
- }
- if (counterPhysicalPersonType > 1)
- throw new ValidateException("validator.01", null);
-
- //Check the SAML:ATTRIBUTES
- nl = XPathUtils.selectNodeList(samlAssertion, ATTRIBUTE_XPATH);
- for (int i = 0; i < nl.getLength(); i++) {
- String attributeName =
- XPathUtils.getAttributeValue(
- (Element) nl.item(i),
- "@AttributeName",
- null);
- String attributeNS =
- XPathUtils.getAttributeValue(
- (Element) nl.item(i),
- "@AttributeNamespace",
- null);
- if (attributeName.equals("CitizenPublicKey")) {
-
- if (attributeNS.equals("http://www.buergerkarte.at/namespaces/personenbindung/20020506#") ||
- attributeNS.equals("urn:publicid:gv.at:namespaces:identitylink:1.2")) {
- Element attributeValue =
- (Element) XPathUtils.selectSingleNode((Element) nl.item(i),nSMap, SAML + "AttributeValue/" + DSIG + "RSAKeyValue");
- if (attributeValue==null)
- attributeValue =
- (Element) XPathUtils.selectSingleNode((Element)nl.item(i), nSMap, SAML + "AttributeValue/" + ECDSA + "ECDSAKeyValue");
- if (attributeValue==null)
- attributeValue =
- (Element) XPathUtils.selectSingleNode((Element)nl.item(i), nSMap, SAML + "AttributeValue/" + DSIG + "DSAKeyValue");
- if (attributeValue == null)
- throw new ValidateException("validator.02", null);
-
- }
- else
- throw new ValidateException("validator.03", new Object [] {attributeNS} );
- }
- else
- throw new ValidateException("validator.04", new Object [] {attributeName} );
- }
-
- //Check if dsig:Signature exists
- Element dsigSignature = (Element) XPathUtils.selectSingleNode(samlAssertion,ROOT + DSIG + "Signature");
- if (dsigSignature==null) throw new ValidateException("validator.05", new Object[] {"in der Personenbindung"});
- }
-
-}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
deleted file mode 100644
index c4ea80df9..000000000
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ /dev/null
@@ -1,302 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator;
-
-import java.security.InvalidKeyException;
-import java.security.PublicKey;
-import java.security.interfaces.RSAPublicKey;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.exception.ValidateException;
-import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
-import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
-import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.logging.Logger;
-import iaik.asn1.structures.Name;
-import iaik.security.ec.common.ECPublicKey;
-import iaik.utils.RFC2253NameParserException;
-import iaik.x509.X509Certificate;
-import iaik.x509.X509ExtensionInitException;
-
-/**
- * This class is used to validate an {@link VerifyXMLSignatureResponse}
- * returned by MOA-SPSS
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class VerifyXMLSignatureResponseValidator {
-
- /** Identification string for checking identity link */
- public static final String CHECK_IDENTITY_LINK = "IdentityLink";
- /** Identification string for checking authentication block */
- public static final String CHECK_AUTH_BLOCK = "AuthBlock";
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static VerifyXMLSignatureResponseValidator instance;
-
- /**
- * Constructor for a singleton VerifyXMLSignatureResponseValidator.
- */
- public static synchronized VerifyXMLSignatureResponseValidator getInstance()
- throws ValidateException {
- if (instance == null) {
- instance = new VerifyXMLSignatureResponseValidator();
- }
- return instance;
- }
-
- /**
- * Validates a {@link VerifyXMLSignatureResponse} returned by MOA-SPSS.
- *
- * @param verifyXMLSignatureResponse the <code>&lt;VerifyXMLSignatureResponse&gt;</code>
- * @param identityLinkSignersSubjectDNNames subject names configured
- * @param whatToCheck is used to identify whether the identityLink or the Auth-Block is validated
- * @param oaParam specifies whether the validation result of the
- * manifest has to be ignored (identityLink validation if
- * the OA is a business service) or not
- * @throws ValidateException on any validation error
- * @throws ConfigurationException
- */
- public void validate(IVerifiyXMLSignatureResponse verifyXMLSignatureResponse,
- List<String> identityLinkSignersSubjectDNNames,
- String whatToCheck,
- IOAAuthParameters oaParam)
- throws ValidateException, ConfigurationException {
-
- if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
- throw new ValidateException("validator.06", null);
-
- if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) {
- String checkFailedReason ="";
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 1)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.21", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 2)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.22", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 3)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.23", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 4)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.24", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 5)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.25", null);
-
-// TEST CARDS
- if (whatToCheck.equals(CHECK_IDENTITY_LINK))
- throw new ValidateException("validator.07", new Object[] { checkFailedReason } );
- else
- throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
- }
-
- //check QC
- if (AuthConfigurationProviderFactory.getInstance().isCertifiacteQCActive() &&
- !whatToCheck.equals(CHECK_IDENTITY_LINK) &&
- !verifyXMLSignatureResponse.isQualifiedCertificate()) {
-
- //check if testcards are active and certificate has an extension for test credentials
- if (oaParam.isTestCredentialEnabled()) {
- boolean foundTestCredentialOID = false;
- try {
- X509Certificate signerCert = verifyXMLSignatureResponse.getX509certificate();
-
- List<String> validOIDs = new ArrayList<String>();
- if (oaParam.getTestCredentialOIDs() != null)
- validOIDs.addAll(oaParam.getTestCredentialOIDs());
- else
- validOIDs.add(MOAIDAuthConstants.TESTCREDENTIALROOTOID);
-
- Set<String> extentsions = signerCert.getCriticalExtensionOIDs();
- extentsions.addAll(signerCert.getNonCriticalExtensionOIDs());
- Iterator<String> extit = extentsions.iterator();
- while(extit.hasNext()) {
- String certOID = extit.next();
- for (String el : validOIDs) {
- if (certOID.startsWith(el))
- foundTestCredentialOID = true;
- }
- }
-
- } catch (Exception e) {
- Logger.warn("Test credential OID extraction FAILED.", e);
-
- }
- //throw Exception if not TestCredentialOID is found
- if (!foundTestCredentialOID)
- throw new ValidateException("validator.72", null);
-
- } else
- throw new ValidateException("validator.71", null);
- }
-
- // if OA is type is business service the manifest validation result has
- // to be ignored
- boolean ignoreManifestValidationResult = false;
- if (whatToCheck.equals(CHECK_IDENTITY_LINK))
- ignoreManifestValidationResult = (oaParam.hasBaseIdInternalProcessingRestriction()) ? true
- : false;
-
- if (ignoreManifestValidationResult) {
- Logger.debug("OA type is business service, thus ignoring DSIG manifest validation result");
- } else {
- if (verifyXMLSignatureResponse.isXmlDSIGManigest())
- if (verifyXMLSignatureResponse.getXmlDSIGManifestCheckCode() != 0)
- throw new ValidateException("validator.08", null);
- }
-
-
- // Check the signature manifest only when verifying the signed AUTHBlock
- if (whatToCheck.equals(CHECK_AUTH_BLOCK)) {
- if (verifyXMLSignatureResponse.getSignatureManifestCheckCode() > 0) {
- throw new ValidateException("validator.50", null);
- }
- }
-
- //Check whether the returned X509 SubjectName is in the MOA-ID configuration or not
- if (identityLinkSignersSubjectDNNames != null) {
- String subjectDN = "";
- X509Certificate x509Cert = verifyXMLSignatureResponse.getX509certificate();
- try {
- subjectDN = ((Name) x509Cert.getSubjectDN()).getRFC2253String();
- }
- catch (RFC2253NameParserException e) {
- throw new ValidateException("validator.17", null);
- }
- //System.out.println("subjectDN: " + subjectDN);
- // check the authorisation to sign the identity link
- if (!identityLinkSignersSubjectDNNames.contains(subjectDN)) {
- // subject DN check failed, try OID check:
- try {
- if (x509Cert.getExtension(MOAIDAuthConstants.IDENTITY_LINK_SIGNER_OID) == null) {
- throw new ValidateException("validator.18", new Object[] { subjectDN });
- } else {
- Logger.debug("Identity link signer cert accepted for signing identity link: " +
- "subjectDN check failed, but OID check successfully passed.");
- }
- } catch (X509ExtensionInitException e) {
- throw new ValidateException("validator.49", null);
- }
- } else {
- Logger.debug("Identity link signer cert accepted for signing identity link: " +
- "subjectDN check successfully passed.");
- }
-
- }
- }
-
- /**
- * Method validateCertificate.
- * @param verifyXMLSignatureResponse The VerifyXMLSignatureResponse
- * @param idl The Identitylink
- * @throws ValidateException
- */
- public void validateCertificate(
- IVerifiyXMLSignatureResponse verifyXMLSignatureResponse,
- IIdentityLink idl)
- throws ValidateException {
-
- X509Certificate x509Response = verifyXMLSignatureResponse.getX509certificate();
- PublicKey[] pubKeysIdentityLink = (PublicKey[]) idl.getPublicKey();
-
- PublicKey pubKeySignature = x509Response.getPublicKey();
-
- boolean found = false;
- for (int i = 0; i < pubKeysIdentityLink.length; i++) {
-
- //compare RSAPublicKeys
- if ((idl.getPublicKey()[i] instanceof java.security.interfaces.RSAPublicKey) &&
- (pubKeySignature instanceof java.security.interfaces.RSAPublicKey)) {
-
- RSAPublicKey rsaPubKeySignature = (RSAPublicKey) pubKeySignature;
- RSAPublicKey rsakey = (RSAPublicKey) pubKeysIdentityLink[i];
-
- if (rsakey.getModulus().equals(rsaPubKeySignature.getModulus())
- && rsakey.getPublicExponent().equals(rsaPubKeySignature.getPublicExponent()))
- found = true;
- }
-
- //compare ECDSAPublicKeys
- if( ( (idl.getPublicKey()[i] instanceof java.security.interfaces.ECPublicKey) ||
- (idl.getPublicKey()[i] instanceof ECPublicKey)) &&
- ( (pubKeySignature instanceof java.security.interfaces.ECPublicKey) ||
- (pubKeySignature instanceof ECPublicKey) ) ) {
-
- try {
- ECPublicKey ecdsaPubKeySignature = new ECPublicKey(pubKeySignature.getEncoded());
- ECPublicKey ecdsakey = new ECPublicKey(pubKeysIdentityLink[i].getEncoded());
-
- if(ecdsakey.equals(ecdsaPubKeySignature))
- found = true;
-
- } catch (InvalidKeyException e) {
- Logger.warn("ECPublicKey can not parsed into a iaik.ECPublicKey", e);
- throw new ValidateException("validator.09", null);
- }
-
-
-
- }
-
-// Logger.debug("IDL-Pubkey=" + idl.getPublicKey()[i].getClass().getName()
-// + " Resp-Pubkey=" + pubKeySignature.getClass().getName());
-
- }
-
- if (!found) {
-
- throw new ValidateException("validator.09", null);
-
- }
- }
-
-}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
index 7bb07df74..e023a6507 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
@@ -63,17 +63,17 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
-import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.BoolUtils;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.StringUtils;
/**
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
index d093cc7f0..01e349d0f 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
@@ -56,9 +56,10 @@ import javax.servlet.http.HttpServletResponse;
import com.google.common.net.MediaType;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.ServletUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.logging.Logger;
@@ -69,7 +70,7 @@ import at.gv.egovernment.moa.logging.Logger;
*/
public class CitizenCardServletUtils extends ServletUtils{
- /**
+ /**
* Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing
* depending on the requests starting text.
*
@@ -88,7 +89,7 @@ public class CitizenCardServletUtils extends ServletUtils{
if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {
resp.setStatus(307);
String dataURL = new DataURLBuilder().buildDataURL(
- pendingReq.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, pendingReq.getRequestID());
+ pendingReq.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, pendingReq.getPendingRequestId());
resp.addHeader("Location", dataURL);
//TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
@@ -100,7 +101,7 @@ public class CitizenCardServletUtils extends ServletUtils{
Logger.debug("Finished POST " + servletName);
} else {
- String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), servletGoal, pendingReq.getRequestID());
+ String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), servletGoal, pendingReq.getPendingRequestId());
resp.setContentType("text/html");
resp.setStatus(302);
resp.addHeader("Location", redirectURL);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
index 26d50905e..fe0e659c7 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
@@ -70,12 +70,12 @@ import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
-import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MISSimpleClientException;
import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
import at.gv.egovernment.moa.id.data.MISMandate;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.StringUtils;