Diffstat (limited to 'id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils')
4 files changed, 36 insertions, 90 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/NewMoaEidasMetadata.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/NewMoaEidasMetadata.java
index bb52d2ffe..44a313885 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/NewMoaEidasMetadata.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/NewMoaEidasMetadata.java
@@ -69,12 +69,11 @@ import org.opensaml.xml.security.credential.UsageType;
 import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
 import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
 import org.opensaml.xml.signature.KeyInfo;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import com.google.common.collect.ImmutableSortedSet;
 import com.google.common.collect.Ordering;
+import at.gv.egovernment.moa.logging.Logger;
 import eu.eidas.auth.commons.EIDASUtil;
 import eu.eidas.auth.commons.EidasStringUtil;
 import eu.eidas.auth.commons.attribute.AttributeDefinition;
@@ -108,7 +107,6 @@ import eu.eidas.util.Preconditions;
 *
 */
 public class NewMoaEidasMetadata {
- private static final Logger LOGGER = LoggerFactory.getLogger(EidasMetadata.class.getName());
 private final String metadata;
 private final String entityId;
 private static final Set<String> DEFAULT_BINDING = new HashSet() {
@@ -180,7 +178,7 @@ public class NewMoaEidasMetadata {
 dm.setAlgorithm(digestMethod);
 eidasExtensions.getUnknownXMLObjects().add(dm);
 } else {
- NewMoaEidasMetadata.LOGGER.info("BUSINESS EXCEPTION error adding DigestMethod extension");
+ Logger.info("BUSINESS EXCEPTION error adding DigestMethod extension");
 }
 }
 }
@@ -197,7 +195,7 @@ public class NewMoaEidasMetadata {
 spTypeObj.setSPType(this.params.getSpType());
 eidasExtensions.getUnknownXMLObjects().add(spTypeObj);
 } else {
- NewMoaEidasMetadata.LOGGER.info("BUSINESS EXCEPTION error adding SPType extension");
+ Logger.info("BUSINESS EXCEPTION error adding SPType extension");
 }
 }
 generateDigest(eidasExtensions);
@@ -212,7 +210,7 @@ public class NewMoaEidasMetadata {
 sm.setAlgorithm(signMethod);
 eidasExtensions.getUnknownXMLObjects().add(sm);
 } else {
- NewMoaEidasMetadata.LOGGER.info("BUSINESS EXCEPTION error adding SigningMethod extension");
+ Logger.info("BUSINESS EXCEPTION error adding SigningMethod extension");
 }
 }
 }
@@ -378,8 +376,12 @@ public class NewMoaEidasMetadata {
 new ImmutableSortedSet.Builder<>(Ordering.<AttributeDefinition<?>>natural());
 for (String attr : eIDASAttributeBuilder.getAllProvideableeIDASAttributes()) {
- AttributeDefinition<?> supAttr = params.getIdpEngine().getProtocolProcessor().getAttributeDefinitionNullable(attr);
- builder.add(supAttr);
+ Logger.trace("Build metadata-attr: " + attr);
+ AttributeDefinition<?> supAttr = params.getIdpEngine().getProtocolProcessor().getAttributeDefinitionNullable(attr);
+ if (supAttr == null)
+ Logger.warn("Suspect eIDAS attribute definition: " + attr);
+ else
+ builder.add(supAttr);
 }
 return builder.build();
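Review bot: The null guard added in hunk -378,8 is an unbraced `if`/`else`, and its warning does not say that the attribute is being left out of the generated metadata. A definition that fails to resolve now reduces what this node advertises as supported, so the message should state that consequence, e.g. `Logger.warn("No eIDAS attribute definition for '" + attr + "', omitting it from metadata");`, and both branches should carry braces. The enclosing method starts and ends outside the hunk.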
@@ -444,11 +446,11 @@ public class NewMoaEidasMetadata {
 url.setURL(new LocalizedString(this.params.getOrganization().getUrl(), "en"));
 organization.getURLs().add(url);
 } catch (IllegalAccessException iae) {
- NewMoaEidasMetadata.LOGGER.info("ERROR : error generating the OrganizationData: {}", iae.getMessage());
- NewMoaEidasMetadata.LOGGER.debug("ERROR : error generating the OrganizationData: {}", iae);
+ Logger.info("ERROR : error generating the OrganizationData: " + iae.getMessage());
+ Logger.warn("ERROR : error generating the OrganizationData:", iae);
 } catch (NoSuchFieldException nfe) {
- NewMoaEidasMetadata.LOGGER.info("ERROR : error generating the OrganizationData: {}", nfe.getMessage());
- NewMoaEidasMetadata.LOGGER.debug("ERROR : error generating the OrganizationData: {}", nfe);
+ Logger.info("ERROR : error generating the OrganizationData: " + nfe.getMessage());
+ Logger.warn("ERROR : error generating the OrganizationData:", nfe);
 }
 }
 return organization;
@@ -463,11 +465,11 @@ public class NewMoaEidasMetadata {
 else if (contactType == ContactPersonTypeEnumeration.TECHNICAL)
 currentContact = this.params.getTechnicalContact();
 else {
- NewMoaEidasMetadata.LOGGER.error("ERROR: unsupported contact type");
+ Logger.error("ERROR: unsupported contact type");
 }
 contact = (ContactPerson) BuilderFactoryUtil.buildXmlObject(ContactPerson.class);
 if (currentContact == null) {
- NewMoaEidasMetadata.LOGGER.error("ERROR: cannot retrieve contact from the configuration");
+ Logger.error("ERROR: cannot retrieve contact from the configuration");
 return contact;
 }
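Review bot: Each catch block in hunk -444,11 now records the same failure twice, once at info with only `getMessage()` and once at warn with the throwable, and the "ERROR :" prefix matches neither level. One call per catch carries the same information, e.g. `Logger.warn("Error generating the OrganizationData", iae);`. The same pair is repeated in hunks -486,11 and -546,8; in -486,11 the text still says OrganizationData although that code populates a contact, and in -546,8 the exception is logged and then rethrown as `IllegalStateException`, so it will probably be logged again further up. Moving the stack trace from debug to warn also puts reflection and SAML marshalling traces into logs at the default level, which should be a deliberate choice.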
@@ -486,11 +488,11 @@ public class NewMoaEidasMetadata {
 populateContact(contact, currentContact, emailAddressObj, company, givenName, surName, phoneNumber);
 } catch (IllegalAccessException iae) {
- NewMoaEidasMetadata.LOGGER.info("ERROR : error generating the OrganizationData: {}", iae.getMessage());
- NewMoaEidasMetadata.LOGGER.debug("ERROR : error generating the OrganizationData: {}", iae);
+ Logger.info("ERROR : error generating the OrganizationData: " + iae.getMessage());
+ Logger.warn("ERROR : error generating the OrganizationData: ", iae);
 } catch (NoSuchFieldException nfe) {
- NewMoaEidasMetadata.LOGGER.info("ERROR : error generating the OrganizationData: {}", nfe.getMessage());
- NewMoaEidasMetadata.LOGGER.debug("ERROR : error generating the OrganizationData: {}", nfe);
+ Logger.info("ERROR : error generating the OrganizationData: " + nfe.getMessage());
+ Logger.warn("ERROR : error generating the OrganizationData: ", nfe);
 }
 return contact;
 }
@@ -546,8 +548,8 @@ public class NewMoaEidasMetadata {
 }
 return EidasStringUtil.toString(OpenSamlHelper.marshall(entityDescriptor, false));
 } catch (Exception ex) {
- NewMoaEidasMetadata.LOGGER.info("ERROR : SAMLException ", ex.getMessage());
- NewMoaEidasMetadata.LOGGER.debug("ERROR : SAMLException ", ex);
+ Logger.info("ERROR : SAMLException: " + ex.getMessage());
+ Logger.warn("ERROR : SAMLException ", ex);
 throw new IllegalStateException(ex);
 }
 }
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
index 6d20caa4b..b000c317e 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
@@ -33,6 +33,7 @@ import org.opensaml.xml.ConfigurationException;
 import org.opensaml.xml.XMLConfigurator;
 import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eid4u.api.attributes.Definitions;
 import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
 import at.gv.egovernment.moa.id.auth.modules.eidas.config.MOAExtendedSWSigner;
 import at.gv.egovernment.moa.id.auth.modules.eidas.config.MOAIDCertificateManagerConfigurationImpl;
@@ -112,6 +113,16 @@ public class SAMLEngineUtils {
 SAMLSchemaBuilder.addExtensionSchema(
 at.gv.egovernment.moa.util.Constants.SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION);
+ //add eID4U schemes
+ SAMLSchemaBuilder.addExtensionSchema(
+ Definitions.SAML2_eID4U_CORE_EXTENSIONS_SCHEMA_LOCATION);
+ SAMLSchemaBuilder.addExtensionSchema(
+ Definitions.SAML2_eID4U_PERSON_EXTENSIONS_SCHEMA_LOCATION);
+ SAMLSchemaBuilder.addExtensionSchema(
+ Definitions.SAML2_eID4U_STUDIES_EXTENSIONS_SCHEMA_LOCATION);
+ SAMLSchemaBuilder.addExtensionSchema(
+ Definitions.SAML2_eID4U_EXT_EUROPASS3_EXTENSIONS_SCHEMA_LOCATION);
+ eIDASEngine = engine;
 } catch (EIDASSAMLEngineException | ConfigurationException e) {
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
deleted file mode 100644
index e3b58d259..000000000
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
+++ /dev/null
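Review bot: The four eID4U extension schemas in hunk -112,6 are registered unconditionally, so every deployment of this module now validates incoming eIDAS messages against a wider grammar whether or not eID4U attributes are in use. Consider placing the registration behind the module's eID4U configuration switch, if one exists, and add a comment stating that the `Definitions.*_SCHEMA_LOCATION` values are expected to resolve to schema files shipped with the library that provides `Definitions` rather than to remote locations; the hunk does not show how `addExtensionSchema` resolves them. The inline comment should read `// add eID4U schemas`. The enclosing try block starts and ends outside the hunk.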
@@ -1,68 +0,0 @@
-/*
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
-
-import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
-
-/**
- * @author tlenz
- *
- */
-public class SimpleEidasAttributeGenerator implements IAttributeGenerator<String> {
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildStringAttribute(java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public String buildStringAttribute(String friendlyName, String name, String value) {
- return value;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildIntegerAttribute(java.lang.String, java.lang.String, int)
- */
- @Override
- public String buildIntegerAttribute(String friendlyName, String name, int value) {
- return String.valueOf(value);
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildLongAttribute(java.lang.String, java.lang.String, long)
- */
- @Override
- public String buildLongAttribute(String friendlyName, String name, long value) {
- return String.valueOf(value);
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildEmptyAttribute(java.lang.String, java.lang.String)
- */
- @Override
- public String buildEmptyAttribute(String friendlyName, String name) {
- return null;
- }
-
-}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
index 200215308..d2323d161 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
@@ -38,6 +38,7 @@ import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
 import at.gv.egovernment.moa.id.data.IMOAAuthData;
+import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator;
 import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute;
 import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASMetadata;
 import at.gv.egovernment.moa.logging.Logger;
@@ -53,7 +54,7 @@ import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException;
 *
 */
 public class eIDASAttributeBuilder extends PVPAttributeBuilder {
- private static IAttributeGenerator<String> generator = new SimpleEidasAttributeGenerator();
+ private static IAttributeGenerator<String> generator = new SimpleStringAttributeGenerator();
 private static List<String> listOfSupportedeIDASAttributes;
 private static ServiceLoader<IeIDASAttribute> eIDASAttributLoader =
@@ -105,7 +106,7 @@ public class eIDASAttributeBuilder extends PVPAttributeBuilder {
 * @param authData Authentication data that contains user information for attribute generation
 * @return eIDAS attribute response {@link Pair} or null if the attribute generation FAILES
 */
- public static Pair<AttributeDefinition<?>,ImmutableSet<AttributeValue<?>>> buildAttribute(AttributeDefinition<?> attr, ISPConfiguration onlineApplicationConfiguration,
+ public static Pair<?, ImmutableSet<AttributeValue<?>>> buildAttribute(AttributeDefinition<?> attr, ISPConfiguration onlineApplicationConfiguration,
 IAuthData authData) {
 String attrName = attr.getNameUri().toString(); |
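Review bot: The replacement generator wired in by hunk -53,7 is not part of this diff, so it cannot be confirmed here that `SimpleStringAttributeGenerator.buildEmptyAttribute` still returns null as the deleted `SimpleEidasAttributeGenerator` did. Callers that read null as "attribute not available" would otherwise start emitting empty values, so a one-line comment on the field stating that contract would help. The field can also be declared `private static final`, since the visible code assigns it only once.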
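Review bot: Widening the return type of `buildAttribute` to `Pair<?, ImmutableSet<AttributeValue<?>>>` in hunk -105,7 removes the compile-time guarantee that the first element is an `AttributeDefinition<?>`, so each caller now needs a cast on the value that determines which eIDAS attribute is asserted. If the change is forced by another signature, the Javadoc should say so; otherwise keep `Pair<AttributeDefinition<?>, ImmutableSet<AttributeValue<?>>>`. The `@return` line should name the element types in either case. The method body continues outside the hunk.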