1 files changed, 162 insertions, 0 deletions

diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
new file mode 100644
index 000000000..b4db5c83d
--- /dev/null
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
@@ -0,0 +1,162 @@
+/*******************************************************************************
+ *  Copyright 2015 e-SENS project
+ *
+ *  Licensed under the EUPL, Version 1.1 or - as soon they will be
+ *  approved by the European Commission - subsequent versions of
+ *  the EUPL (the "Licence");
+ *  You may not use this work except in compliance with the Licence.
+ *  You may obtain a copy of the Licence at: http://ec.europa.eu/idabc/eupl
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the Licence is distributed on an "AS IS" basis,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ *  implied.
+ *  See the Licence for the specific language governing permissions and
+ *  limitations under the Licence.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.protocols.eidas;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.Organization;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Service;
+
+import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
+import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
+import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
+import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.data.SLOInformationInterface;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.eidas.auth.engine.EIDASSAMLEngine;
+import eu.eidas.auth.engine.metadata.Contact;
+import eu.eidas.auth.engine.metadata.MetadataConfigParams;
+import eu.eidas.auth.engine.metadata.MetadataGenerator;
+import eu.eidas.engine.exceptions.SAMLEngineException;
+
+
+/**
+ * First version to provide some valid metadata to an asking eIDaS node
+ */
+@Service("EidasMetaDataRequest")
+public class EidasMetaDataRequest implements IAction {
+    
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData)
+	 */
+	@Override
+	public SLOInformationInterface processRequest(IRequest req,
+			HttpServletRequest httpReq, HttpServletResponse httpResp,
+			IAuthData authData) throws MOAIDException {
+       
+		try {            
+            String pubURLPrefix = req.getAuthURL();
+            
+            String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA;
+            
+            String sp_return_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_SP_POST;            
+            String metaData = generateMetadata(metadata_url, sp_return_url);
+
+            Logger.trace(metaData);
+
+            httpResp.setContentType(MediaType.APPLICATION_XML.getType());
+            httpResp.getWriter().print(metaData);
+            httpResp.flushBuffer();
+        } catch (Exception e) {        	
+        	Logger.error("eIDAS Metadata generation FAILED.", e);
+        	throw new MOAIDException("eIDAS.05", new Object[]{e.getMessage()}, e);
+            
+        } 
+		
+		
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+	 */
+	@Override
+	public boolean needAuthentication(IRequest req, HttpServletRequest httpReq,
+			HttpServletResponse httpResp) {
+		return false;
+		
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName()
+	 */
+	@Override
+	public String getDefaultActionName() {
+		return "eIDAS-Metadata Action";
+		
+	}
+    
+    public String generateMetadata(String metadata_url, String sp_return_url) throws SAMLEngineException, EIDASEngineException{
+        String metadata="invalid metadata";
+
+		EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine();
+        
+        MetadataGenerator generator = new MetadataGenerator();
+        MetadataConfigParams mcp=new MetadataConfigParams();
+        generator.setConfigParams(mcp);
+        generator.initialize(engine);
+        
+        mcp.setEntityID(metadata_url);        
+        mcp.setAssertionConsumerUrl(sp_return_url);
+        
+        
+        //TODO: make it configurable
+        mcp.setAuthnRequestsSigned(true);
+        mcp.setWantAssertionsSigned(true);
+        mcp.setAssuranceLevel("http://eidas.europa.eu/LoA/substantial");
+        
+        //must be set in request, because it could be different for every online-application
+        //mcp.setSpType(SPType.DEFAULT_VALUE);
+        
+        mcp.setDigestMethods(Constants.METADATA_ALLOWED_ALG_DIGIST);
+        mcp.setSigningMethods(Constants.METADATA_ALLOWED_ALG_SIGN);
+        mcp.setEncryptionAlgorithms(Constants.METADATA_ALLOWED_ALG_ENCRYPT);
+        
+        //add organisation information from PVP metadata information        
+        Organization pvpOrganisation = null;
+		try {
+			pvpOrganisation = PVPConfiguration.getInstance().getIDPOrganisation();			
+			Contact technicalContact = new Contact();
+			
+			List<ContactPerson> contacts = PVPConfiguration.getInstance().getIDPContacts();
+			if (contacts != null && contacts.size() >= 1) {								
+				technicalContact.setEmail(contacts.get(0).getEmailAddresses().get(0).getAddress());
+				technicalContact.setGivenName(contacts.get(0).getGivenName().getName());
+				technicalContact.setSurName(contacts.get(0).getSurName().getName());
+				technicalContact.setPhone(contacts.get(0).getTelephoneNumbers().get(0).getNumber());
+				mcp.setTechnicalContact(technicalContact );			
+				
+			}
+			
+			if (pvpOrganisation != null) {
+	        	mcp.setNodeUrl(pvpOrganisation.getURLs().get(0).getURL().getLocalString());
+	        	mcp.setCountryName("Austria");		        
+	        	technicalContact.setCompany(pvpOrganisation.getDisplayNames().get(0).getName().getLocalString());
+			}
+									
+		} catch (ConfigurationException | NullPointerException e) {
+			Logger.warn("Can not load Organisation or Contact from Configuration", e);
+			
+		}
+		        
+        generator.addSPRole();
+        generator.addIDPRole();
+        
+        metadata = generator.generateMetadata();
+        return metadata;
+    }
+}