aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java')
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java39
1 files changed, 36 insertions, 3 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
index 70135c06f..02a5df098 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
@@ -23,9 +23,12 @@
package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.util.HashMap;
import java.util.Map;
+import org.opensaml.common.xml.SAMLSchemaBuilder;
import org.opensaml.xml.ConfigurationException;
import org.opensaml.xml.XMLConfigurator;
@@ -36,8 +39,13 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAEidasProtocolProces
import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider;
import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeRegistries;
+import eu.eidas.auth.commons.attribute.AttributeRegistry;
import eu.eidas.auth.engine.ProtocolEngineI;
import eu.eidas.auth.engine.SamlEngineSystemClock;
import eu.eidas.auth.engine.metadata.MetadataFetcherI;
@@ -62,6 +70,7 @@ public class SAMLEngineUtils {
if (eIDASEngine == null) {
try {
+
//get eIDAS SAMLengine configuration from MOA-ID configuration
CertificateConfigurationManager configManager = new MOAIDCertificateManagerConfigurationImpl();
@@ -70,12 +79,25 @@ public class SAMLEngineUtils {
//set metadata signer
metadataSigner = new MOAExtendedSWSigner(configManager);
-
+
+ //load additional eIDAS attribute definitions
+ String additionalAttributeConfigFile =
+ AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SAMLENGINE_ATTIONAL_ATTRIBUTE_DEFINITIONS);
+ AttributeRegistry addAttrDefinitions = AttributeRegistries.empty();
+ if (MiscUtil.isNotEmpty(additionalAttributeConfigFile)) {
+ URL addAttrConfigUrl = new URL(FileUtils.makeAbsoluteURL(
+ additionalAttributeConfigFile,
+ AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()));
+ addAttrDefinitions = AttributeRegistries.fromFile(addAttrConfigUrl.getPath(), null);
+
+ }
+
//build eIDAS SAML eninge
- ProtocolEngineI engine = MOAProtocolEngineFactory.createProtocolEngine(
+ ProtocolEngineI engine = MOAProtocolEngineFactory.ownCreateProtocolEngine(
Constants.eIDAS_SAML_ENGINE_NAME,
configManager,
- new MOAEidasProtocolProcesser(metadataFetcher, metadataSigner),
+ new MOAEidasProtocolProcesser(metadataFetcher, metadataSigner, addAttrDefinitions),
new SamlEngineSystemClock());
//build a map with all actually supported attributes
@@ -86,6 +108,9 @@ public class SAMLEngineUtils {
//overwrite eIDAS response validator suite because Condition-Valitator has not time jitter
initOpenSAMLConfig("own-saml-eidasnode-config.xml");
+ //add eIDAS specific SAML2 extensions to eIDAS Schema validatior
+ SAMLSchemaBuilder.addExtensionSchema(
+ at.gv.egovernment.moa.util.Constants.SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION);
eIDASEngine = engine;
@@ -93,6 +118,14 @@ public class SAMLEngineUtils {
Logger.error("eIDAS SAMLengine initialization FAILED!", e);
throw new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e);
+ } catch (at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException e) {
+ Logger.error("eIDAS SAMLengine initialization FAILED!", e);
+ throw new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e);
+
+ } catch (MalformedURLException e) {
+ Logger.error("eIDAS SAMLengine initialization FAILED!", e);
+ throw new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e);
+
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 03:25:39 +0000