aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-openID/src
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-module-openID/src')
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java2
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java44
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java17
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java17
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java15
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java15
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java17
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java20
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java15
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java15
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java15
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java15
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java2
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java30
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java93
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java22
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java71
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java16
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java28
-rw-r--r--id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java3
20 files changed, 226 insertions, 246 deletions
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java
index 9060f35c5..76e7f0901 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java
@@ -24,9 +24,9 @@ package at.gv.egovernment.moa.id.protocols.oauth20;
import java.util.Properties;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.util.FileUtils;
public class OAuth20Configuration {
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
index 9b19e0a4d..19fdb3fee 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
@@ -30,23 +30,25 @@ import org.apache.commons.lang.StringUtils;
import com.google.gson.JsonObject;
import com.google.gson.JsonPrimitive;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BPKAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDIdentityLinkBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDIssuingNationAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSectorForIDAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSourcePIN;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSourcePINType;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
import at.gv.egovernment.moa.id.auth.stork.STORKConstants;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.data.Pair;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.BPKAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDAuthBlock;
import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDCcsURL;
import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDCitizenQAALevelAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDIdentityLinkBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDIssuingNationAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSTORKTOKEN;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSectorForIDAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSignerCertificate;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSourcePIN;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSourcePINType;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonFullNameAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinTypeAttributeBuilder;
@@ -61,8 +63,6 @@ import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateProfRepOIDAt
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateReferenceValueAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateTypeAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
public final class OAuth20AttributeBuilder {
@@ -70,7 +70,7 @@ public final class OAuth20AttributeBuilder {
private OAuth20AttributeBuilder() {
throw new InstantiationError();
}
-
+
private static IAttributeGenerator<Pair<String, JsonPrimitive>> generator = new IAttributeGenerator<Pair<String, JsonPrimitive>>() {
public Pair<String, JsonPrimitive> buildStringAttribute(final String friendlyName, final String name, final String value) {
@@ -206,7 +206,7 @@ public final class OAuth20AttributeBuilder {
}
private static void addAttibutes(final List<IAttributeBuilder> builders, final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData, OAuth20AuthRequest oAuthRequest) {
+ final ISPConfiguration oaParam, final IAuthData authData, OAuth20AuthRequest oAuthRequest) {
for (IAttributeBuilder b : builders) {
try {
//TODO: better solution requires more refactoring :(
@@ -222,40 +222,40 @@ public final class OAuth20AttributeBuilder {
jsonObject.add(attribute.getFirst(), attribute.getSecond());
}
}
- catch (AttributeException e) {
+ catch (AttributeBuilderException e) {
Logger.info("Cannot add attribute " + b.getName());
}
}
}
public static void addScopeOpenId(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData,
+ final ISPConfiguration oaParam, final IAuthData authData,
final OAuth20AuthRequest oAuthRequest) {
addAttibutes(buildersOpenId, jsonObject, oaParam, authData, oAuthRequest);
}
public static void addScopeProfile(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersProfile, jsonObject, oaParam, authData, null);
}
public static void addScopeEID(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersEID, jsonObject, oaParam, authData, null);
}
public static void addScopeEIDGov(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersEIDGov, jsonObject, oaParam, authData, null);
}
public static void addScopeMandate(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersMandate, jsonObject, oaParam, authData, null);
}
public static void addScopeSTORK(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersSTORK, jsonObject, oaParam, authData, null);
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java
index a43c8fce9..b3586245b 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java
@@ -22,12 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class OpenIdAudiencesAttribute implements IAttributeBuilder {
@@ -35,9 +34,9 @@ public class OpenIdAudiencesAttribute implements IAttributeBuilder {
return "aud";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
- return g.buildStringAttribute(this.getName(), "", oaParam.getPublicURLPrefix());
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+ return g.buildStringAttribute(this.getName(), "", oaParam.getUniqueIdentifier());
}
public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java
index c6775b692..933ee8904 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java
@@ -22,12 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class OpenIdAuthenticationTimeAttribute implements IAttributeBuilder {
@@ -35,9 +34,9 @@ public class OpenIdAuthenticationTimeAttribute implements IAttributeBuilder {
return "auth_time";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
- return g.buildLongAttribute(this.getName(), "", ((long) (authData.getIssueInstant().getTime() / 1000)));
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+ return g.buildLongAttribute(this.getName(), "", ((long) (authData.getAuthenticationIssueInstant().getTime() / 1000)));
}
public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java
index 5f32e32a2..04efa3979 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java
@@ -24,12 +24,11 @@ package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
import java.util.Date;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class OpenIdExpirationTimeAttribute implements IAttributeBuilder {
@@ -39,8 +38,8 @@ public class OpenIdExpirationTimeAttribute implements IAttributeBuilder {
return "exp";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
return g.buildLongAttribute(this.getName(), "", (long) (new Date().getTime() / 1000 + expirationTime));
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java
index 04f38faf6..459d2b1cd 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java
@@ -24,12 +24,11 @@ package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
import java.util.Date;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class OpenIdIssueInstantAttribute implements IAttributeBuilder {
@@ -37,8 +36,8 @@ public class OpenIdIssueInstantAttribute implements IAttributeBuilder {
return "iat";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
return g.buildLongAttribute(this.getName(), "", (long) (new Date().getTime() / 1000));
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java
index ff19a618a..2f4124c32 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java
@@ -22,12 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class OpenIdIssuerAttribute implements IAttributeBuilder {
@@ -35,9 +34,9 @@ public class OpenIdIssuerAttribute implements IAttributeBuilder {
return "iss";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
- return g.buildStringAttribute(this.getName(), "", authData.getIssuer());
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+ return g.buildStringAttribute(this.getName(), "", authData.getAuthenticationIssuer());
}
public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java
index eda276df2..66b6a2518 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java
@@ -22,27 +22,27 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.util.MiscUtil;
public class OpenIdNonceAttribute implements IAttributeBuilder {
- public String getName() {
+ public String getName() {
return "nonce";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
return g.buildStringAttribute(this.getName(), "", null);
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, OAuth20AuthRequest oAuthRequest,
- IAttributeGenerator<ATT> g) throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, OAuth20AuthRequest oAuthRequest,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
if (MiscUtil.isNotEmpty(oAuthRequest.getNonce()))
return g.buildStringAttribute(this.getName(), "", oAuthRequest.getNonce());
else
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java
index 7de90e98e..e3e717ec3 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java
@@ -22,12 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class OpenIdSubjectIdentifierAttribute implements IAttributeBuilder {
@@ -35,8 +34,8 @@ public class OpenIdSubjectIdentifierAttribute implements IAttributeBuilder {
return "sub";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
return g.buildStringAttribute(this.getName(), "", authData.getBPK());
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java
index 3ebadba52..d23877395 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java
@@ -22,12 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class ProfileDateOfBirthAttribute implements IAttributeBuilder {
@@ -35,8 +34,8 @@ public class ProfileDateOfBirthAttribute implements IAttributeBuilder {
return "birthdate";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
return g.buildStringAttribute(this.getName(), "", authData.getFormatedDateOfBirth());
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java
index 89209b062..540962a29 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java
@@ -22,12 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class ProfileFamilyNameAttribute implements IAttributeBuilder {
@@ -35,8 +34,8 @@ public class ProfileFamilyNameAttribute implements IAttributeBuilder {
return "family_name";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
return g.buildStringAttribute(this.getName(), "", authData.getFamilyName());
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java
index 895037b2e..f6f774a46 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java
@@ -22,12 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
public class ProfileGivenNameAttribute implements IAttributeBuilder {
@@ -35,8 +34,8 @@ public class ProfileGivenNameAttribute implements IAttributeBuilder {
return "given_name";
}
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
return g.buildStringAttribute(this.getName(), "", authData.getGivenName());
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java
index cd7b8312d..17ed6b40d 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java
@@ -34,11 +34,11 @@ import java.security.interfaces.RSAPublicKey;
import org.apache.commons.lang.StringUtils;
import org.opensaml.xml.security.x509.BasicX509Credential;
+import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Configuration;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20CertificateErrorException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.KeyStoreUtils;
public final class OAuth20SignatureUtil {
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
index b7c54203f..b00675e7c 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
@@ -33,16 +33,18 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.data.SLOInformationImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.data.Pair;
-import at.gv.egovernment.moa.id.data.SLOInformationImpl;
-import at.gv.egovernment.moa.id.data.SLOInformationInterface;
-import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject;
import at.gv.egovernment.moa.id.protocols.oauth20.attributes.OAuth20AttributeBuilder;
@@ -53,21 +55,19 @@ import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ServerErrorE
import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SignatureUtil;
import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuthJsonToken;
import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuthSigner;
-import at.gv.egovernment.moa.id.storage.ITransactionStorage;
-import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
@Service("OAuth20AuthAction")
class OAuth20AuthAction implements IAction {
- @Autowired protected MOAReversionLogger revisionsLogger;
+ @Autowired protected IRevisionLogger revisionsLogger;
@Autowired protected ITransactionStorage transactionStorage;
public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp,
IAuthData authData) throws MOAIDException {
OAuth20AuthRequest oAuthRequest = (OAuth20AuthRequest) req;
- String responseType = oAuthRequest.getResponseType();
+ String responseType = oAuthRequest.getResponseType();
revisionsLogger.logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_OPENIDCONNECT_AUTHREQUEST);
@@ -111,7 +111,7 @@ class OAuth20AuthAction implements IAction {
//TODO: maybe add bPK / wbPK to SLO information
- SLOInformationInterface sloInformation = new SLOInformationImpl(req.getAuthURL(), req.getOnlineApplicationConfiguration().getPublicURLPrefix(), accessToken, null, null, req.requestedModule());
+ SLOInformationInterface sloInformation = new SLOInformationImpl(req.getAuthURL(), req.getServiceProviderConfiguration().getUniqueIdentifier(), accessToken, null, null, req.requestedModule());
return sloInformation;
}
@@ -156,9 +156,9 @@ class OAuth20AuthAction implements IAction {
private Pair<String, String> buildIdToken(String scope, OAuth20AuthRequest oAuthRequest, IAuthData authData)
throws MOAIDException, SignatureException {
- IOAAuthParameters oaParam = oAuthRequest.getOnlineApplicationConfiguration();
+ ISPConfiguration oaParam = oAuthRequest.getServiceProviderConfiguration();
- OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getIssuer());
+ OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getAuthenticationIssuer());
OAuthJsonToken token = new OAuthJsonToken(signer);
StringBuilder resultScopes = new StringBuilder();
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index 258b77b98..0350a113c 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -22,30 +22,23 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.protocol;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.Map;
-
import javax.servlet.http.HttpServletRequest;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
-import at.gv.egovernment.moa.id.protocols.oauth20.attributes.OAuth20AttributeBuilder;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ResponseTypeException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
import at.gv.egovernment.moa.logging.Logger;
@Component("OAuth20AuthRequest")
@@ -102,7 +95,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
* the state to set
*/
public void setState(String state) {
- this.state = state;
+ this.state = state;
}
/**
@@ -167,7 +160,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
}
@Override
- protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
+ protected void populateSpecialParameters(HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
this.setResponseType(this.getParam(request, OAuth20Constants.PARAM_RESPONSE_TYPE, true));
this.setState(this.getParam(request, OAuth20Constants.PARAM_STATE, true));
this.setRedirectUri(this.getParam(request, OAuth20Constants.PARAM_REDIRECT_URI, true));
@@ -188,7 +181,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
// check if client id and redirect uri are ok
try {
// OAOAUTH20 cannot be null at this point. check was done in base request
- IOAAuthParameters oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL());
+ ISPConfiguration oAuthConfig = authConfig.getServiceProviderConfiguration(this.getSPEntityId());
if (!this.getClientID().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))
@@ -200,46 +193,46 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
Logger.info("Dispatch OpenIDConnect AuthRequest: ClientID=" + this.clientID);
- } catch (ConfigurationException e) {
+ } catch (EAAFConfigurationException e) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
}
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
- */
- @Override
- public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
- Map<String, String> reqAttr = new HashMap<String, String>();
- for (String el : PVP2XProtocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION)
- reqAttr.put(el, "");
-
- for (String s : scope.split(" ")) {
- if (s.equalsIgnoreCase("profile")) {
- for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersprofile())
- reqAttr.put(el.getName(), "");
-
- } else if (s.equalsIgnoreCase("eID")) {
- for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseid())
- reqAttr.put(el.getName(), "");
-
- } else if (s.equalsIgnoreCase("eID_gov")) {
- for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseidgov())
- reqAttr.put(el.getName(), "");
-
- } else if (s.equalsIgnoreCase("mandate")) {
- for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersmandate())
- reqAttr.put(el.getName(), "");
-
- } else if (s.equalsIgnoreCase("stork")) {
- for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersstork())
- reqAttr.put(el.getName(), "");
-
- }
- }
-
- //return attributQueryBuilder.buildSAML2AttributeList(this.getOnlineApplicationConfiguration(), reqAttr.keySet().iterator());
- return reqAttr.keySet();
- }
+// /* (non-Javadoc)
+// * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
+// */
+// @Override
+// public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
+// Map<String, String> reqAttr = new HashMap<String, String>();
+// for (String el : PVP2XProtocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION)
+// reqAttr.put(el, "");
+//
+// for (String s : scope.split(" ")) {
+// if (s.equalsIgnoreCase("profile")) {
+// for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersprofile())
+// reqAttr.put(el.getName(), "");
+//
+// } else if (s.equalsIgnoreCase("eID")) {
+// for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseid())
+// reqAttr.put(el.getName(), "");
+//
+// } else if (s.equalsIgnoreCase("eID_gov")) {
+// for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseidgov())
+// reqAttr.put(el.getName(), "");
+//
+// } else if (s.equalsIgnoreCase("mandate")) {
+// for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersmandate())
+// reqAttr.put(el.getName(), "");
+//
+// } else if (s.equalsIgnoreCase("stork")) {
+// for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersstork())
+// reqAttr.put(el.getName(), "");
+//
+// }
+// }
+//
+// //return attributQueryBuilder.buildSAML2AttributeList(this.getOnlineApplicationConfiguration(), reqAttr.keySet().iterator());
+// return reqAttr.keySet();
+// }
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index 3ab283db5..118de861c 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -31,11 +31,11 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.moduls.RequestImpl;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20OANotSupportedException;
@@ -48,7 +48,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
private static final long serialVersionUID = 1L;
protected Set<String> allowedParameters = new HashSet<String>();
-
+
protected String getParam(final HttpServletRequest request, final String name, final boolean isNeeded) throws OAuth20Exception {
String param = request.getParameter(name);
Logger.debug("Reading param " + name + " from HttpServletRequest with value " + param);
@@ -62,7 +62,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
return param;
}
- protected void populateParameters(final HttpServletRequest request) throws OAuth20Exception {
+ protected void populateParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
// moa id - load oa with client id!
try {
@@ -70,8 +70,8 @@ abstract class OAuth20BaseRequest extends RequestImpl {
if (!ParamValidatorUtils.isValidOA(oaURL)) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
}
- this.setOAURL(oaURL);
- IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaURL);
+ this.setSPEntityId(oaURL);
+ ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(oaURL);
if (oaParam == null) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
@@ -83,12 +83,12 @@ abstract class OAuth20BaseRequest extends RequestImpl {
throw new OAuth20OANotSupportedException();
}
}
- catch (ConfigurationException e) {
+ catch (EAAFConfigurationException e) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
}
// oAuth
- this.populateSpecialParameters(request);
+ this.populateSpecialParameters(request, authConfig);
// cleanup parameters
this.checkAllowedParameters(request);
@@ -112,6 +112,6 @@ abstract class OAuth20BaseRequest extends RequestImpl {
}
- protected abstract void populateSpecialParameters(final HttpServletRequest request) throws OAuth20Exception;
+ protected abstract void populateSpecialParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception;
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index d72fe9686..9f4174bf0 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -17,24 +17,24 @@ import org.springframework.web.bind.annotation.RequestMethod;
import com.google.gson.JsonObject;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
-import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.moduls.RequestImpl;
-import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@Controller
-public class OAuth20Protocol extends AbstractAuthProtocolModulController {
+public class OAuth20Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
public static final String NAME = OAuth20Protocol.class.getName();
public static final String PATH = "id_oauth20";
@@ -48,15 +48,16 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController {
PVPConstants.BPK_NAME
});
- public String getName() {
+ public String getName() {
return NAME;
}
-
- public String getPath() {
+
+ @Override
+ public String getAuthProtocolIdentifier() {
return PATH;
}
- /**
+ /**
*
*/
public OAuth20Protocol() {
@@ -67,22 +68,22 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController {
//OpenID Connect auth request
@RequestMapping(value = "/oauth2/auth", method = {RequestMethod.POST, RequestMethod.GET})
- public void openIDConnectAuthRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {
- if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
- Logger.info("OpenID-Connect is deaktivated!");
- throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
-
- }
+ public void openIDConnectAuthRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException, InvalidProtocolRequestException {
+// if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
+// Logger.info("OpenID-Connect is deaktivated!");
+// throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
+//
+// }
OAuth20AuthRequest pendingReq = applicationContext.getBean(OAuth20AuthRequest.class);
try {
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(OAuth20Protocol.NAME);
- pendingReq.populateParameters(req);
+ pendingReq.populateParameters(req, authConfig);
- } catch (OAuth20Exception e) {
+ } catch (EAAFException e) {
Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
- throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters(), e);
+ throw new InvalidProtocolRequestException(e.getErrorId(), e.getParams(), e);
}
@@ -101,22 +102,22 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController {
//openID Connect tokken request
@RequestMapping(value = "/oauth2/token", method = {RequestMethod.POST, RequestMethod.GET})
- public void OpenIDConnectTokkenRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {
- if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
- Logger.info("OpenID-Connect is deaktivated!");
- throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
-
- }
+ public void OpenIDConnectTokkenRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException, InvalidProtocolRequestException {
+// if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
+// Logger.info("OpenID-Connect is deaktivated!");
+// throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
+//
+// }
OAuth20TokenRequest pendingReq = applicationContext.getBean(OAuth20TokenRequest.class);
try {
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(OAuth20Protocol.NAME);
- pendingReq.populateParameters(req);
+ pendingReq.populateParameters(req, authConfig);
- } catch (OAuth20Exception e) {
+ } catch (EAAFException e) {
Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
- throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters(), e);
+ throw new InvalidProtocolRequestException(e.getErrorId(), e.getParams(), e);
}
@@ -148,18 +149,16 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController {
String errorUri = protocolRequest.getAuthURL()
+"/" + OAuth20Constants.ERRORPAGE;
String moaError = null;
-
- ErrorResponseUtils errorUtils = ErrorResponseUtils.getInstance();
-
+
if (e instanceof OAuth20Exception) {
errorCode = ((OAuth20Exception) e).getErrorCode();
errorDescription = URLEncoder.encode(((OAuth20Exception) e).getMessageId() + ": " + e.getMessage(), "UTF-8");
- moaError = errorUtils.mapInternalErrorToExternalError(((OAuth20Exception) e).getMessageId());
+ moaError = statusMessager.mapInternalErrorToExternalError(((OAuth20Exception) e).getMessageId());
} else {
errorCode = OAuth20Constants.ERROR_SERVER_ERROR;
errorDescription = URLEncoder.encode(e.getMessage(), "UTF-8");
- moaError = errorUtils.getResponseErrorCode(e);
+ moaError = statusMessager.getResponseErrorCode(e);
}
String paramRedirect = null;
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java
index 2117e2ab8..f3dcbd295 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java
@@ -31,31 +31,31 @@ import org.springframework.stereotype.Service;
import com.google.gson.JsonObject;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.data.SLOInformationInterface;
-import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ServerErrorException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20UnauthorizedClientException;
-import at.gv.egovernment.moa.id.storage.ITransactionStorage;
import at.gv.egovernment.moa.logging.Logger;
@Service("OAuth20TokenAction")
class OAuth20TokenAction implements IAction {
- @Autowired protected MOAReversionLogger revisionsLogger;
+ @Autowired protected IRevisionLogger revisionsLogger;
@Autowired protected ITransactionStorage transactionStorage;
public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp,
IAuthData authData) throws MOAIDException {
-
+
OAuth20SessionObject auth20SessionObject = null;
try {
OAuth20TokenRequest oAuthRequest = (OAuth20TokenRequest) req;
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
index 50638ebf8..89e4252b1 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -22,19 +22,17 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.protocol;
-import java.util.Collection;
-
import javax.servlet.http.HttpServletRequest;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
@@ -127,7 +125,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
}
@Override
- protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
+ protected void populateSpecialParameters(HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
this.setCode(this.getParam(request, OAuth20Constants.RESPONSE_CODE, true));
this.setGrantType(this.getParam(request, OAuth20Constants.PARAM_GRANT_TYPE, true));
this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true));
@@ -141,7 +139,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
// check if client id and secret are ok
try {
// OAOAUTH20 cannot be null at this point. check was done in base request
- IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL());
+ ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(this.getSPEntityId());
if (!this.getClientID().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))) {
throw new OAuth20AccessDeniedException();
@@ -154,7 +152,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
this.setOnlineApplicationConfiguration(oaParam);
}
- catch (ConfigurationException e) {
+ catch (EAAFConfigurationException e) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
}
@@ -165,11 +163,11 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
this.allowedParameters.add(OAuth20Constants.PARAM_REDIRECT_URI);
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
- */
- @Override
- public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
- return null;
- }
+// /* (non-Javadoc)
+// * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
+// */
+// @Override
+// public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
+// return null;
+// }
}
diff --git a/id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java b/id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
index 35bbac6e7..824d64171 100644
--- a/id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
+++ b/id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
@@ -30,10 +30,9 @@ import org.opensaml.xml.security.x509.BasicX509Credential;
import org.testng.Assert;
import org.testng.annotations.Test;
+import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Signer;
import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Verifier;
-import at.gv.egovernment.moa.util.KeyStoreUtils;
-
import net.oauth.jsontoken.crypto.Signer;
import net.oauth.jsontoken.crypto.Verifier;