Diffstat (limited to 'id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java')
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java80
1 files changed, 62 insertions, 18 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
index 4e34902e2..b4db5c83d 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
@@ -16,22 +16,29 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.eidas;
+import java.util.List;
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.slf4j.Logger;
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.Organization;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
+import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
import at.gv.egovernment.moa.id.moduls.IAction;
-import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.logging.Logger;
import eu.eidas.auth.engine.EIDASSAMLEngine;
+import eu.eidas.auth.engine.metadata.Contact;
import eu.eidas.auth.engine.metadata.MetadataConfigParams;
import eu.eidas.auth.engine.metadata.MetadataGenerator;
import eu.eidas.engine.exceptions.SAMLEngineException;
@@ -42,7 +49,6 @@ import eu.eidas.engine.exceptions.SAMLEngineException;
*/
@Service("EidasMetaDataRequest")
public class EidasMetaDataRequest implements IAction {
- private Logger logger = org.slf4j.LoggerFactory.getLogger(EidasMetaDataRequest.class);
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData)
@@ -52,9 +58,7 @@ public class EidasMetaDataRequest implements IAction {
HttpServletRequest httpReq, HttpServletResponse httpResp,
IAuthData authData) throws MOAIDException {
- try {
- logger.debug("EidasMetaDataServlet GET");
-
+ try {
String pubURLPrefix = req.getAuthURL();
String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA;
@@ -62,13 +66,15 @@ public class EidasMetaDataRequest implements IAction {
String sp_return_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_SP_POST;
String metaData = generateMetadata(metadata_url, sp_return_url);
- logger.trace(metaData);
+ Logger.trace(metaData);
- httpResp.setContentType(MediaType.TEXT_XML.getType());
+ httpResp.setContentType(MediaType.APPLICATION_XML.getType());
httpResp.getWriter().print(metaData);
httpResp.flushBuffer();
- } catch (Exception e) {
- e.printStackTrace();
+ } catch (Exception e) {
+ Logger.error("eIDAS Metadata generation FAILED.", e);
+ throw new MOAIDException("eIDAS.05", new Object[]{e.getMessage()}, e);
+
}
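Review bot: `MediaType.APPLICATION_XML.getType()` on the new `setContentType` line returns only the primary type (`application`), so the response goes out without a valid XML media type; the old `TEXT_XML.getType()` call had the same problem with `text`. Use the full value instead, `httpResp.setContentType(MediaType.APPLICATION_XML_VALUE);`, so metadata consumers and browsers do not have to guess the type. Separately, the new `throw` passes `e.getMessage()` as a message parameter of `eIDAS.05`; if that message is rendered to the remote caller (not visible here), it may expose engine or configuration details, so consider logging the detail and returning a generic text. The body of `processRequest` starts and ends outside this hunk.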
@@ -103,15 +109,53 @@ public class EidasMetaDataRequest implements IAction {
MetadataConfigParams mcp=new MetadataConfigParams();
generator.setConfigParams(mcp);
generator.initialize(engine);
- mcp.setEntityID(metadata_url);
-
+
+ mcp.setEntityID(metadata_url);
+ mcp.setAssertionConsumerUrl(sp_return_url);
+
+
+ //TODO: make it configurable
+ mcp.setAuthnRequestsSigned(true);
+ mcp.setWantAssertionsSigned(true);
+ mcp.setAssuranceLevel("http://eidas.europa.eu/LoA/substantial");
+
+ //must be set in request, because it could be different for every online-application
+ //mcp.setSpType(SPType.DEFAULT_VALUE);
+
+ mcp.setDigestMethods(Constants.METADATA_ALLOWED_ALG_DIGIST);
+ mcp.setSigningMethods(Constants.METADATA_ALLOWED_ALG_SIGN);
+ mcp.setEncryptionAlgorithms(Constants.METADATA_ALLOWED_ALG_ENCRYPT);
+
+ //add organisation information from PVP metadata information
+ Organization pvpOrganisation = null;
+ try {
+ pvpOrganisation = PVPConfiguration.getInstance().getIDPOrganisation();
+ Contact technicalContact = new Contact();
+
+ List<ContactPerson> contacts = PVPConfiguration.getInstance().getIDPContacts();
+ if (contacts != null && contacts.size() >= 1) {
+ technicalContact.setEmail(contacts.get(0).getEmailAddresses().get(0).getAddress());
+ technicalContact.setGivenName(contacts.get(0).getGivenName().getName());
+ technicalContact.setSurName(contacts.get(0).getSurName().getName());
+ technicalContact.setPhone(contacts.get(0).getTelephoneNumbers().get(0).getNumber());
+ mcp.setTechnicalContact(technicalContact );
+
+ }
+
+ if (pvpOrganisation != null) {
+ mcp.setNodeUrl(pvpOrganisation.getURLs().get(0).getURL().getLocalString());
+ mcp.setCountryName("Austria");
+ technicalContact.setCompany(pvpOrganisation.getDisplayNames().get(0).getName().getLocalString());
+ }
+
+ } catch (ConfigurationException | NullPointerException e) {
+ Logger.warn("Can not load Organisation or Contact from Configuration", e);
+
+ }
+
generator.addSPRole();
- String returnUrl = sp_return_url;
- mcp.setAssertionConsumerUrl(returnUrl);
-
generator.addIDPRole();
- mcp.setAssuranceLevel("http://eidas.europa.eu/LoA/substantial"); // TODO make configurable
-
+
metadata = generator.generateMetadata();
return metadata;
}
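Review bot: The chained `get(0)` calls in the contact and organisation block (`getEmailAddresses().get(0)`, `getTelephoneNumbers().get(0)`, `getURLs().get(0)`, `getDisplayNames().get(0)`) throw `IndexOutOfBoundsException` when a PVP contact or organisation has an empty list, and the `catch (ConfigurationException | NullPointerException e)` does not cover that, so one missing optional field makes the whole metadata endpoint fail. Catching `NullPointerException` to skip absent fields also hides real bugs and drops the contact fields set after the one that failed. Check each value before use, narrow the handler to `catch (ConfigurationException e)`, and set the company before `mcp.setTechnicalContact(...)` so it is not written to a `Contact` that was never attached when the contact list is empty. When the `//TODO: make it configurable` is implemented, the configuration should not allow `setAuthnRequestsSigned` or `setWantAssertionsSigned` to be turned off without a clear warning. The signature of `generateMetadata` is outside this hunk.

```java
// … unchanged: entity id, signing flags, LoA, algorithm lists …
List<ContactPerson> contacts = PVPConfiguration.getInstance().getIDPContacts();
if (contacts != null && !contacts.isEmpty()) {
    ContactPerson first = contacts.get(0);
    if (first.getEmailAddresses() != null && !first.getEmailAddresses().isEmpty()) {
        technicalContact.setEmail(first.getEmailAddresses().get(0).getAddress());
    }
    if (first.getGivenName() != null) {
        technicalContact.setGivenName(first.getGivenName().getName());
    }
    if (first.getSurName() != null) {
        technicalContact.setSurName(first.getSurName().getName());
    }
    if (first.getTelephoneNumbers() != null && !first.getTelephoneNumbers().isEmpty()) {
        technicalContact.setPhone(first.getTelephoneNumbers().get(0).getNumber());
    }
    mcp.setTechnicalContact(technicalContact);
}
// … unchanged: organisation block (guard getURLs()/getDisplayNames() the same way), role setup, generateMetadata() …
```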